Thanks.
This is not for Android, it's a server back-end, but in Java.
I've got an HTTP Server and HTTP Client app in Java, and I've created the identities, bindings, service, etc.
When I run both, both enroll.
Is it correct that the Client also enrolls with the same service? It seems strange, but I have to give a value.
When I try to call the zitified name (http.ziti in my case), I can see that Ziti resolves it to the IP address 100.64.1.2, but I get a SocketTimeoutException.
Here is part of my code:

        final ZitiContext zitiContext = Ziti.newContext(identityFile, "".toCharArray());
        try {
            Thread.sleep(5000); // sleep to let ZitiContext initialize
            final OkHttpClient client = newHttpClient();
            final String url = "http://http.ziti:8081/api/hello";
            final Request req = new Request.Builder()
                    .get()
                    .url(url).build();
            System.out.println("Calling: " + url);
            final Response resp = client.newCall(req).execute();
            System.out.println(resp);
        } catch (final Exception e) {
            System.err.println("Error making http call: " + e.getMessage());
            e.printStackTrace();
            return;
        } finally {
            zitiContext.destroy();
        }
    }

    private static final OkHttpClient newHttpClient() throws Exception {
        final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        final X509TrustManager tm = (X509TrustManager) tmf.getTrustManagers()[0];
        final OkHttpClient clt = new OkHttpClient.Builder()
                .socketFactory(Ziti.getSocketFactory())
                .sslSocketFactory(Ziti.getSSLSocketFactory(), tm)
                .dns(hostname -> {
                    System.out.println("resolving hostname " + hostname);
                    System.out.println("DNS DUMP:");
                    final StringWriter stringWriter = new StringWriter();
                    Ziti.getDNSResolver().dump(stringWriter);
                    final String output = stringWriter.toString();
                    System.out.println("Data written to the Writer:");
                    System.out.println(output);
                    InetAddress address = Ziti.getDNSResolver().resolve(hostname);
                    if (address == null) {
                        System.out.println("Address is null");
                        address = InetAddress.getByName(hostname);
                    } else {
                        System.out.println("1. Address is " + address);
                    }
                    System.out.println("2. Address is " + address);
                    final List<InetAddress> result = address != null ? Collections.singletonList(address) : Collections.emptyList();
                    System.out.println("Returning result: ");
                    return result;
                })
                .callTimeout(5, TimeUnit.MINUTES)
                .build();
        return clt;
    }

And this is the output I see:

    Calling: http://http.ziti:8081/api/hello
    resolving hostname http.ziti
    DNS DUMP:
    Data written to the Writer:
    http.ziti -> http.ziti/100.64.1.2
    == Wildcard Domains ==
    1. Address is http.ziti/100.64.1.2
    2. Address is http.ziti/100.64.1.2
    Returning result:
    [DefaultDispatcher-worker-5] INFO org.openziti.api.Controller - POST https://ziti-edge-controller:1280/edge/client/v1/sessions session=cm4tyibz401qqqcmtk0busw97 t[DefaultDispatcher-worker-5]
    [DefaultDispatcher-worker-1] WARN ziti-conn[xdjyxpxtv3/1] - closed
    Error making http call: timeout
    java.net.SocketTimeoutException: timeout
        at okio.SocketAsyncTimeout.newTimeoutException(JvmOkio.kt:146)
        at okio.AsyncTimeout.access$newTimeoutException(AsyncTimeout.kt:161)
        at okio.AsyncTimeout$source$1.read(AsyncTimeout.kt:339)
        at okio.RealBufferedSource.indexOf(RealBufferedSource.kt:430)
        at okio.RealBufferedSource.readUtf8LineStrict(RealBufferedSource.kt:323)
        at okhttp3.internal.http1.HeadersReader.readLine(HeadersReader.kt:29)
        at okhttp3.internal.http1.Http1ExchangeCodec.readResponseHeaders(Http1ExchangeCodec.kt:180)
        at okhttp3.internal.connection.Exchange.readResponseHeaders(Exchange.kt:110)
        at okhttp3.internal.http.CallServerInterceptor.intercept(CallServerInterceptor.kt:93)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:34)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
        at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
        at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
        at com.rhapsody.BasicHttpClient.main(BasicHttpClient.java:81)
    Caused by: java.nio.channels.AsynchronousCloseException
        at org.openziti.net.InputChannel$DefaultImpls.read$lambda$11(InputChannel.kt:159)
        at kotlinx.coroutines.InvokeOnCompletion.invoke(JobSupport.kt:1534)
        at kotlinx.coroutines.JobSupport.notifyCompletion(JobSupport.kt:1625)
        at kotlinx.coroutines.JobSupport.completeStateFinalization(JobSupport.kt:316)
        at kotlinx.coroutines.JobSupport.finalizeFinishingState(JobSupport.kt:233)
        at kotlinx.coroutines.JobSupport.tryMakeCompletingSlowPath(JobSupport.kt:946)
        at kotlinx.coroutines.JobSupport.tryMakeCompleting(JobSupport.kt:894)
        at kotlinx.coroutines.JobSupport.makeCompletingOnce$kotlinx_coroutines_core(JobSupport.kt:859)
        at kotlinx.coroutines.AbstractCoroutine.resumeWith(AbstractCoroutine.kt:98)
        at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:46)
        at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:99)
        at kotlinx.coroutines.internal.LimitedDispatcher$Worker.run(LimitedDispatcher.kt:113)
        at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:89)
        at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:589)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:823)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:720)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:707)

These are the CLI commands I used to set the client and server up:

    ziti edge create identity http-client -a 'my-http-clients' -o http-client.jwt
    ziti edge create identity http-server -a 'my-http-servers' -o http-server.jwt
    ziti edge create config http.intercept.v1 intercept.v1 '{"protocols":["tcp"],"addresses":["http.ziti"], "portRanges":[{"low":8081, "high":8081}]}'
    ziti edge create config http.host.v1 host.v1 '{"protocol":"tcp", "address":"ziti-http-server", "port":8081}'
    ziti edge create service http.svc --configs http.intercept.v1,http.host.v1
    ziti edge create service-policy http.policy.dial Dial --service-roles "@http.svc" --identity-roles '#my-http-clients'
    ziti edge create service-policy http.policy.bind Bind --service-roles '@http.svc' --identity-roles "@fXzy2PmKV3"

I am struggling to figure out why my client can't call my server.
Any ideas would be much appreciated.
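
A consistency check over the CLI configuration quoted above, as an added example that is not part of the original post or of OpenZiti: it tests the called URL against the intercept.v1 config and resolves each policy's identity role against the two identities the commands create. The function names are hypothetical, only exact (non-wildcard) intercept addresses are handled, and identity ids are not known from the commands, so an `@id` reference can only be flagged for manual confirmation.

```python
import json
from urllib.parse import urlsplit

# Values copied from the CLI commands in the post.
INTERCEPT = json.loads('{"protocols":["tcp"],"addresses":["http.ziti"],'
                       ' "portRanges":[{"low":8081, "high":8081}]}')
# name -> role attributes given with -a; ids are not shown in the post.
IDENTITIES = {"http-client": {"my-http-clients"},
              "http-server": {"my-http-servers"}}
POLICIES = {"Dial": "#my-http-clients", "Bind": "@fXzy2PmKV3"}
URL = "http://http.ziti:8081/api/hello"


def intercept_matches(url, intercept):
    """True when the URL's host and port fall inside the intercept.v1 config."""
    parts = urlsplit(url)
    port = parts.port or {"http": 80, "https": 443}[parts.scheme]
    host_ok = parts.hostname in {a.lower() for a in intercept["addresses"]}
    port_ok = any(r["low"] <= port <= r["high"] for r in intercept["portRanges"])
    return host_ok and port_ok and "tcp" in intercept["protocols"]


def resolve_role(role, identities):
    """Identity names selected by one role: '#attribute' or '@name'."""
    if role.startswith("#"):
        return sorted(n for n, attrs in identities.items() if role[1:] in attrs)
    if role.startswith("@"):
        # '@' may also carry an identity id, which this table cannot verify.
        return sorted(n for n in identities if n == role[1:])
    raise ValueError(f"unsupported role syntax: {role}")


def check(url=URL):
    """Return a list of findings; an empty list means nothing to confirm."""
    findings = []
    if not intercept_matches(url, INTERCEPT):
        findings.append("URL is outside the intercept.v1 addresses/ports")
    for kind, role in POLICIES.items():
        if not resolve_role(role, IDENTITIES):
            findings.append(f"{kind} policy role {role} matches no identity "
                            "name or attribute; confirm the id by hand")
    return findings


if __name__ == "__main__":
    for finding in check():
        print(finding)
```
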