pasting applyedits gives Hostname bytebin.lucko.me not verified exception error
mrfloris opened this issue ยท 5 comments
Hey :)
I've fresh installed LuckPerm jenkins build on spigot 1.15.2 and after basic setup and /stop and a start, I've run migrate from groupmanager which went successful. I was able to restart the server without groupmanager and run the lp editor to get the web editor to show me everything's there.
When I clicked save and copy paste the applyedits command in console i noticed this
Hostname bytebin.lucko.me not verified
in
>lp applyedits (string-redacted)
[15:28:55] [pool-11-thread-1/WARN]: java.lang.RuntimeException: javax.net.ssl.SSLPeerUnverifiedException: Hostname bytebin.lucko.me not verified (no certificates)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.web.WebEditor.readDataFromBytebin(WebEditor.java:178)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.commands.misc.ApplyEditsCommand.execute(ApplyEditsCommand.java:83)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.command.abstraction.SingleCommand.execute(SingleCommand.java:50)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.command.abstraction.SingleCommand.execute(SingleCommand.java:42)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.command.CommandManager.execute(CommandManager.java:202)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.command.CommandManager.lambda$executeCommand$1(CommandManager.java:143)
[15:28:55] [pool-11-thread-1/WARN]: at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)
[15:28:55] [pool-11-thread-1/WARN]: at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
[15:28:55] [pool-11-thread-1/WARN]: at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
[15:28:55] [pool-11-thread-1/WARN]: at java.base/java.lang.Thread.run(Thread.java:834)
[15:28:55] [pool-11-thread-1/WARN]: Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname bytebin.lucko.me not verified (no certificates)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:353)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.RealConnection.connect(RealConnection.java:185)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.Transmitter.newExchange(Transmitter.java:169)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:229)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.lib.okhttp3.RealCall.execute(RealCall.java:81)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.web.AbstractHttpClient.makeHttpRequest(AbstractHttpClient.java:47)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.web.BytebinClient.makeHttpRequest(BytebinClient.java:69)
[15:28:55] [pool-11-thread-1/WARN]: at me.lucko.luckperms.common.web.WebEditor.readDataFromBytebin(WebEditor.java:165)
[15:28:55] [pool-11-thread-1/WARN]: ... 9 more
>
Did I forget to set something up? Other things like discordsrv and other stuff that use web things or api end points etc seem to be okay.
>ver LuckPerms
[15:33:24] [Server thread/INFO]: LuckPerms version 5.0.116
[15:33:24] [Server thread/INFO]: A permissions plugin
[15:33:24] [Server thread/INFO]: Website: https://luckperms.net
[15:33:24] [Server thread/INFO]: Author: Luck
>ver
[15:33:25] [Server thread/INFO]: This server is running CraftBukkit version git-Spigot-a03b1fd-bbe3d58 (MC: 1.15.2) (Implementing API version 1.15.2-R0.1-SNAPSHOT)
[15:33:25] [Server thread/INFO]: Checking version, please wait...
[15:33:26] [Thread-59/INFO]: You are running the latest version
>
bytebin.lucko.me uses CloudFlare for SSL, so it should be valid. Might be something on your (hosts) end
I think this may be okhttp being picky about the SSL certificate, but can't work out a good workaround.
There's an option to just simply disable hostname verification entirely, but that seems like a bad idea.
I thought the commit above might work but it just resulted in this error.
>lp editor
[17:45:37 INFO]: [LP] Preparing a new editor session. Please wait...
[17:45:37 WARN]: java.lang.RuntimeException: Error uploading data to bytebin
[17:45:37 WARN]: at me.lucko.luckperms.common.web.WebEditor.post(WebEditor.java:140)
[17:45:37 WARN]: at me.lucko.luckperms.common.commands.misc.EditorCommand.execute(EditorCommand.java:132)
[17:45:37 WARN]: at me.lucko.luckperms.common.command.abstraction.SingleCommand.execute(SingleCommand.java:50)
[17:45:37 WARN]: at me.lucko.luckperms.common.command.abstraction.SingleCommand.execute(SingleCommand.java:42)
[17:45:37 WARN]: at me.lucko.luckperms.common.command.CommandManager.execute(CommandManager.java:202)
[17:45:37 WARN]: at me.lucko.luckperms.common.command.CommandManager.lambda$executeCommand$1(CommandManager.java:143)
[17:45:37 WARN]: at java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1590)
[17:45:37 WARN]: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[17:45:37 WARN]: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[17:45:37 WARN]: at java.lang.Thread.run(Thread.java:748)
[17:45:37 WARN]: Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname bytebin.lucko.me not verified:
certificate: sha256/YcWehZ+6MdV54PmSracZ8qTUJUGnkzRQUdAIo94q2fg=
DN: CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, ST=CA, C=US
subjectAltNames: [lucko.me, sni.cloudflaressl.com, *.lucko.me]
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:350)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.RealConnection.connect(RealConnection.java:185)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.Transmitter.newExchange(Transmitter.java:169)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:229)
[17:45:37 WARN]: at me.lucko.luckperms.lib.okhttp3.RealCall.execute(RealCall.java:81)
[17:45:37 WARN]: at me.lucko.luckperms.common.web.AbstractHttpClient.makeHttpRequest(AbstractHttpClient.java:47)
[17:45:37 WARN]: at me.lucko.luckperms.common.web.BytebinClient.makeHttpRequest(BytebinClient.java:69)
[17:45:37 WARN]: at me.lucko.luckperms.common.web.BytebinClient.postContent(BytebinClient.java:94)
[17:45:37 WARN]: at me.lucko.luckperms.common.web.WebEditor.post(WebEditor.java:138)
[17:45:37 WARN]: ... 9 more
[17:45:37 INFO]: [LP] Unable to upload permission data to the editor.
>
The fact that you're getting:
Hostname bytebin.lucko.me not verified (no certificates)
in particular "no certificates" makes me think this might actually be an issue with your setup & not okhttp.
The info regarding Java & SSL online is sparse so I'm struggling to find things to suggest. I guess simply making sure your operating system is up to date with the latest security patches / making sure Java is up to date is a good place to start - this will make sure the certificate truststore is up to date, which might fix the problem.
Also for what it's worth: the vast vast majority of users don't have this issue - only a couple of reports of it in the last few months.
Leads me to believe even more it's caused by out of date certificate stores - which would likely be solved by the steps outlined above.
I just noticed after giving it a couple of days, that typing this in-game it seems to work.