Hello Team I m trying to connect the destination to alicloud Airbyte #connector-development

Hello Team, I’m trying to connect the destination ...

Jags (Kloud.io)

01/27/2022, 11:42 AM

Hello Team, I’m trying to connect the destination to alicloud apsaraDB for mongoDB and I get this error:

Copy code

Timed out after 30000 ms while waiting for a server that matches com.mongodb.client.internal.MongoClientDelegate$1@2575f671. Client view of cluster state is {type=REPLICA_SET, servers=[{address=<http://dds-pub.mongodb.ap-southeast-5.rds.aliyuncs.com:3717|dds-pub.mongodb.ap-southeast-5.rds.aliyuncs.com:3717>, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketWriteException: Exception sending message}, caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}

Can you help me how to fix this?

fe wielemaker

01/27/2022, 2:01 PM

Hi @Faris Alfa Mauludy, looks like you have some SSL problems. Does your target database is using SSL/TLS? Did you activate TLS connection in your destination setup?

fe wielemaker

01/27/2022, 2:08 PM

I'm using Alicloud ApsaraDB for mongo, so this is because of I'm not activating tls/ssl ya @Augustin Lafanechere (Airbyte)?

fe wielemaker

01/27/2022, 2:16 PM

That or the certificate Alicloud is serving back to Airbyte is not considered trusted by Airbytes truststore. If thats the case enabling TLS in Airbyte for MongoDb still will not work.

fe wielemaker

01/27/2022, 2:21 PM

Hi @Noah Kawasaki @Augustin Lafanechere (Airbyte) I think the ssl is enable on our mongodb, so the airbyte still can't connect ya

fe wielemaker

01/27/2022, 2:22 PM

Did you activate TLS on your connection setup @Faris Alfa Mauludy?

fe wielemaker

01/27/2022, 2:22 PM

Or should I download the certificate and install on airbyte server?

fe wielemaker

01/27/2022, 2:25 PM

We are refering to SSL/TLS in the mongo connection in Airbyte, not the Airbyte servers SSL. Can you go to the Mongo destination connection?

fe wielemaker

01/27/2022, 2:28 PM

Hi @Noah Kawasaki, yes I can login to mongoDB from local and inside the airbyte server, but when I setup the destination on airbyte, it get those error.

fe wielemaker

01/27/2022, 2:31 PM

Did you activate TLS on your connection setup @Augustin Lafanechere (Airbyte)

I think I forget to activate, but let me check

fe wielemaker

01/27/2022, 2:39 PM

I guess no option for tls, only ssl. and it’s enabled @Augustin Lafanechere (Airbyte)

fe wielemaker

01/27/2022, 2:53 PM

I meant on the destination connector setup in Airbyte:

fe wielemaker

01/27/2022, 2:55 PM

I’m using replica-set so no option to enable tls/ssl

fe wielemaker

01/27/2022, 3:17 PM

Copy code

caused by {javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}, caused by {sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}},

fe wielemaker

01/27/2022, 3:28 PM

Oh interesting that means either Airbyte needs to add the ability to not use TLS on a replica, or the replica needs to start using TLS

Ali Mojiz

01/27/2022, 4:06 PM

We are enforcing SSL for connection to replica set:

Copy code

"<mongodb://%s%s/%s?authSource=admin&directConnection=false&ssl=true>";

Ali Mojiz

01/27/2022, 4:08 PM

interesting then, so why still unable to connect ya, should I tried to update new ssl? or create it disable the ssl insted?

Ali Mojiz

01/27/2022, 4:14 PM

@Faris Alfa Mauludy could you double-check your replica set is really using TLS. If it is it probably means you can try to install the certificate on Airbyte yourself because the alicloud one is not trusted.

Ali Mojiz

01/27/2022, 4:19 PM

I'm not sure installing the certificate is something you can achieve. It would require mounting a volume to the destination container, at

$JAVA_HOME/lib/security/cacerts

, but this container is dynamically created and can't be customized by the operator.

Ali Mojiz

01/27/2022, 4:20 PM

Feel free to open an issue on our repo to request the upload of a custom certificate in the replica-set config of the Mongo destination connector.

Ali Mojiz

01/27/2022, 4:25 PM

Alright thanks @Augustin Lafanechere (Airbyte), I'll request to upload custom certificate (alicloud) on airbyte repo then, thanks

Ali Mojiz

01/27/2022, 4:50 PM

already open an issue https://github.com/airbytehq/airbyte/issues/9843 Thanks guys @Augustin Lafanechere (Airbyte) @Noah Kawasaki

Daniel Eduardo Portugal Revilla

01/27/2022, 5:16 PM

Its also worth a request to support toggle able SSL on mongo. Ive actually looked through a lot of jdbc connectors and was surprised to see many of them making assumptions about SSL which cause this exact problem (not being able to connect at all). Ill go ahead and file something for this too

ahsen m

03/23/2022, 8:06 PM

@Faris Alfa Mauludy https://github.com/airbytehq/airbyte/pull/10995 there’s a PR in progress you might want to jump in there as well

2 Views

Open in Slack

Previous Next