java.lang.ClassCastException: org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo

JIRA | Andrew Kerr | 2 years ago
  1. 0

    I've replaced my hostname with 'hostname', domain with 'domain'. Running puppetserver-0.2.2-1.el6.noarch on the server, puppet-3.6.2-1.el6.noarch on the client. Both on CentOS 6.5. This error occurs when a new client is attempting to connect, and I have auto-signing on. Hundreds of existing clients are having no problem connecting. root@hostname.domain.com~]# puppet agent -t --server=puppetmaster.domain.com Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml Info: Creating a new SSL certificate request for x.x.x.x Info: Certificate Request fingerprint (SHA256): 85:87:79:1E:E9:84:E7:48:ED:A0:3E:4B:DF:8E:AB:1B:1F:B5:CD:97:FF:A5:C7:A2:61:8D:D5:4C:57:64:0B:F0 Error: Could not request certificate: Error 500 on SERVER: <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /production/certificate_request/hostname.domain.com. Reason: <pre> org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo</pre></p> <hr /><i><small>Powered by Jetty://</small></i> </body> </html> Exiting; failed to retrieve certificate and waitforcert is disabled on the server, in puppetserver.log, this is all I see: 2014-10-20 19:01:02,140 WARN [o.e.j.s.HttpChannel] /production/certificate_request/hostname.domain.com java.lang.ClassCastException: org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo at com.puppetlabs.certificate_authority.CertificateAuthority.pemToPublicKey(CertificateAuthority.java:533) ~[puppet-server-release.jar:na] at puppetlabs.certificate_authority.core$pem__GT_public_key$fn__6957.invoke(core.clj:656) ~[na:na] at puppetlabs.certificate_authority.core$pem__GT_public_key.invoke(core.clj:655) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502$fn__9506.invoke(certificate_authority.clj:738) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502.invoke(certificate_authority.clj:721) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637$fn__9641.invoke(certificate_authority.clj:825) ~[na:na] at puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637.invoke(certificate_authority.clj:806) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668$fn__12669.invoke(certificate_authority_core.clj:41) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668.invoke(certificate_authority_core.clj:36) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753$fn__12756.invoke(certificate_authority_core.clj:284) ~[na:na] at compojure.core$make_route$fn__10848.invoke(core.clj:99) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at compojure.core$if_method$fn__10825.invoke(core.clj:30) ~[na:na] at compojure.core$routing$fn__10854.invoke(core.clj:112) ~[na:na] at clojure.core$some.invoke(core.clj:2443) ~[puppet-server-release.jar:na] at compojure.core$routing.doInvoke(core.clj:112) ~[na:na] at clojure.lang.RestFn.invoke(RestFn.java:439) ~[puppet-server-release.jar:na] at puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753.invoke(certificate_authority_core.clj:283) ~[na:na] at compojure.core$wrap_context$fn__10909.invoke(core.clj:176) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at compojure.core$routing$fn__10854.invoke(core.clj:112) ~[na:na] at clojure.core$some.invoke(core.clj:2443) ~[puppet-server-release.jar:na] at compojure.core$routing.doInvoke(core.clj:112) ~[na:na] at clojure.lang.RestFn.invoke(RestFn.java:486) ~[puppet-server-release.jar:na] at puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746.invoke(certificate_authority_core.clj:285) ~[na:na] at compojure.core$wrap_context$fn__10909.invoke(core.clj:176) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at puppetlabs.services.ca.certificate_authority_core$wrap_with_puppet_version_header$fn__12773.invoke(certificate_authority_core.clj:293) ~[na:na] at puppetlabs.puppetserver.ringutils$wrap_response_logging$fn__9997.invoke(ringutils.clj:34) ~[na:na] at compojure.core$routing$fn__10854.invoke(core.clj:112) ~[na:na] at clojure.core$some.invoke(core.clj:2443) ~[puppet-server-release.jar:na] at compojure.core$routing.doInvoke(core.clj:112) ~[na:na] at clojure.lang.RestFn.invoke(RestFn.java:423) ~[puppet-server-release.jar:na] at puppetlabs.services.ca.certificate_authority_service$reify__12800$service_fnk__5254__auto___positional$reify__12809$fn__12810.invoke(certificate_authority_service.clj:19) ~[na:na] at compojure.core$wrap_context$fn__10909.invoke(core.clj:176) ~[na:na] at compojure.core$if_route$fn__10832.invoke(core.clj:45) ~[na:na] at puppetlabs.trapperkeeper.services.webserver.jetty9_core$ring_handler$fn__7605.invoke(jetty9_core.clj:299) ~[na:na] at puppetlabs.trapperkeeper.services.webserver.jetty9_core.proxy$org.eclipse.jetty.server.handler.AbstractHandler$0.handle(Unknown Source) ~[na:na] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1112) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1048) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:199) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109) ~[puppet-server-release.jar:na] at org.eclipse.jetty.servlets.gzip.GzipHandler.handle(GzipHandler.java:325) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.Server.handle(Server.java:459) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:280) ~[puppet-server-release.jar:na] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:229) [puppet-server-release.jar:na] at org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java:505) [puppet-server-release.jar:na] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607) [puppet-server-release.jar:na] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536) [puppet-server-release.jar:na] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_65]

    JIRA | 2 years ago | Andrew Kerr
    java.lang.ClassCastException: org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo
  2. 0

    Add Asimba IDP - add certificate exception

    GitHub | 3 months ago | dmogn
    java.lang.ClassCastException: org.bouncycastle.cert.X509CertificateHolder cannot be cast to java.security.cert.X509Certificate
  3. 0

    Re: [Candy Support 1299] Getting These Errors When Trying to Log in to The Candy Example

    Google Groups | 2 years ago | Michael Weibel
    java.lang.ClassCastException: org.bouncycastle.asn1.DERTaggedObject cannot be cast to org.bouncycastle.asn1.ASN1Sequence
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    how to print the X509_REQ in xcode for all latest revision of MAC OS X 10.9.5 10.8.5 10.10

    Stack Overflow | 2 years ago | Saravana
    java.lang.ClassCastException: org.bouncycastle.asn1.DERUTF8String cannot be cast to org.bouncycastle.asn1.DERPrintableString
  6. 0

    Validate pkcs7 SignedData by Bouncy Castle in Java

    Stack Overflow | 12 months ago | Peyton2 Xu
    java.lang.ClassCastException: org.bouncycastle.asn1.DERSequenceParser cannot be cast to org.bouncycastle.asn1.ASN1OctetStringParser

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. java.lang.ClassCastException

      org.bouncycastle.cert.X509CertificateHolder cannot be cast to org.bouncycastle.asn1.x509.SubjectPublicKeyInfo

      at com.puppetlabs.certificate_authority.CertificateAuthority.pemToPublicKey()
    2. com.puppetlabs.certificate_authority
      CertificateAuthority.pemToPublicKey
      1. com.puppetlabs.certificate_authority.CertificateAuthority.pemToPublicKey(CertificateAuthority.java:533)[puppet-server-release.jar:na]
      1 frame
    3. puppetlabs.certificate_authority
      core$pem__GT_public_key.invoke
      1. puppetlabs.certificate_authority.core$pem__GT_public_key$fn__6957.invoke(core.clj:656)[na:na]
      2. puppetlabs.certificate_authority.core$pem__GT_public_key.invoke(core.clj:655)[na:na]
      2 frames
    4. puppetlabs.puppetserver
      certificate_authority$eval9636$process_csr_submission_BANG___9637.invoke
      1. puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502$fn__9506.invoke(certificate_authority.clj:738)[na:na]
      2. puppetlabs.puppetserver.certificate_authority$eval9501$autosign_certificate_request_BANG___9502.invoke(certificate_authority.clj:721)[na:na]
      3. puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637$fn__9641.invoke(certificate_authority.clj:825)[na:na]
      4. puppetlabs.puppetserver.certificate_authority$eval9636$process_csr_submission_BANG___9637.invoke(certificate_authority.clj:806)[na:na]
      4 frames
    5. puppetlabs.services.ca
      certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753$fn__12756.invoke
      1. puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668$fn__12669.invoke(certificate_authority_core.clj:41)[na:na]
      2. puppetlabs.services.ca.certificate_authority_core$eval12667$handle_put_certificate_request_BANG___12668.invoke(certificate_authority_core.clj:36)[na:na]
      3. puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753$fn__12756.invoke(certificate_authority_core.clj:284)[na:na]
      3 frames
    6. kifshare
      core$routing$fn__10854.invoke
      1. compojure.core$make_route$fn__10848.invoke(core.clj:99)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      3. compojure.core$if_method$fn__10825.invoke(core.clj:30)[na:na]
      4. compojure.core$routing$fn__10854.invoke(core.clj:112)[na:na]
      4 frames
    7. Clojure
      core$some.invoke
      1. clojure.core$some.invoke(core.clj:2443)[puppet-server-release.jar:na]
      1 frame
    8. kifshare
      core$routing.doInvoke
      1. compojure.core$routing.doInvoke(core.clj:112)[na:na]
      1 frame
    9. Clojure
      RestFn.invoke
      1. clojure.lang.RestFn.invoke(RestFn.java:439)[puppet-server-release.jar:na]
      1 frame
    10. puppetlabs.services.ca
      certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753.invoke
      1. puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746$fn__12753.invoke(certificate_authority_core.clj:283)[na:na]
      1 frame
    11. kifshare
      core$routing$fn__10854.invoke
      1. compojure.core$wrap_context$fn__10909.invoke(core.clj:176)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      3. compojure.core$routing$fn__10854.invoke(core.clj:112)[na:na]
      3 frames
    12. Clojure
      core$some.invoke
      1. clojure.core$some.invoke(core.clj:2443)[puppet-server-release.jar:na]
      1 frame
    13. kifshare
      core$routing.doInvoke
      1. compojure.core$routing.doInvoke(core.clj:112)[na:na]
      1 frame
    14. Clojure
      RestFn.invoke
      1. clojure.lang.RestFn.invoke(RestFn.java:486)[puppet-server-release.jar:na]
      1 frame
    15. puppetlabs.services.ca
      certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746.invoke
      1. puppetlabs.services.ca.certificate_authority_core$eval12743$routes__12744$fn__12745$fn__12746.invoke(certificate_authority_core.clj:285)[na:na]
      1 frame
    16. kifshare
      core$if_route$fn__10832.invoke
      1. compojure.core$wrap_context$fn__10909.invoke(core.clj:176)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      2 frames
    17. puppetlabs.services.ca
      certificate_authority_core$wrap_with_puppet_version_header$fn__12773.invoke
      1. puppetlabs.services.ca.certificate_authority_core$wrap_with_puppet_version_header$fn__12773.invoke(certificate_authority_core.clj:293)[na:na]
      1 frame
    18. puppetlabs.puppetserver
      ringutils$wrap_response_logging$fn__9997.invoke
      1. puppetlabs.puppetserver.ringutils$wrap_response_logging$fn__9997.invoke(ringutils.clj:34)[na:na]
      1 frame
    19. kifshare
      core$routing$fn__10854.invoke
      1. compojure.core$routing$fn__10854.invoke(core.clj:112)[na:na]
      1 frame
    20. Clojure
      core$some.invoke
      1. clojure.core$some.invoke(core.clj:2443)[puppet-server-release.jar:na]
      1 frame
    21. kifshare
      core$routing.doInvoke
      1. compojure.core$routing.doInvoke(core.clj:112)[na:na]
      1 frame
    22. Clojure
      RestFn.invoke
      1. clojure.lang.RestFn.invoke(RestFn.java:423)[puppet-server-release.jar:na]
      1 frame
    23. puppetlabs.services.ca
      certificate_authority_service$reify__12800$service_fnk__5254__auto___positional$reify__12809$fn__12810.invoke
      1. puppetlabs.services.ca.certificate_authority_service$reify__12800$service_fnk__5254__auto___positional$reify__12809$fn__12810.invoke(certificate_authority_service.clj:19)[na:na]
      1 frame
    24. kifshare
      core$if_route$fn__10832.invoke
      1. compojure.core$wrap_context$fn__10909.invoke(core.clj:176)[na:na]
      2. compojure.core$if_route$fn__10832.invoke(core.clj:45)[na:na]
      2 frames
    25. puppetlabs.trapperkeeper.services
      AbstractHandler$0.handle
      1. puppetlabs.trapperkeeper.services.webserver.jetty9_core$ring_handler$fn__7605.invoke(jetty9_core.clj:299)[na:na]
      2. puppetlabs.trapperkeeper.services.webserver.jetty9_core.proxy$org.eclipse.jetty.server.handler.AbstractHandler$0.handle(Unknown Source)[na:na]
      2 frames
    26. Jetty
      QueuedThreadPool$3.run
      1. org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1112)[puppet-server-release.jar:na]
      2. org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1048)[puppet-server-release.jar:na]
      3. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)[puppet-server-release.jar:na]
      4. org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:199)[puppet-server-release.jar:na]
      5. org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)[puppet-server-release.jar:na]
      6. org.eclipse.jetty.servlets.gzip.GzipHandler.handle(GzipHandler.java:325)[puppet-server-release.jar:na]
      7. org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)[puppet-server-release.jar:na]
      8. org.eclipse.jetty.server.Server.handle(Server.java:459)[puppet-server-release.jar:na]
      9. org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:280)[puppet-server-release.jar:na]
      10. org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:229)[puppet-server-release.jar:na]
      11. org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java:505)[puppet-server-release.jar:na]
      12. org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607)[puppet-server-release.jar:na]
      13. org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536)[puppet-server-release.jar:na]
      13 frames
    27. Java RT
      Thread.run
      1. java.lang.Thread.run(Thread.java:745)[na:1.7.0_65]
      1 frame