Forum Stats

  • 3,873,333 Users
  • 2,266,535 Discussions
  • 7,911,511 Comments

Discussions

Routing Token format invalid

4069143
4069143 Member Posts: 2
edited Aug 29, 2019 11:56AM in Secure Global Desktop

Hi,

I recently changed the certificate of the gateway and also upgraded from 5.3 to v5.4.

I re-generated self-sign certificates for SGD Servers 1 & 2 (array), allowed the Untrusted CA, imported the new SSL certificate (trusted, not self-signed) for the gateway and installed the sgd gateway certificate on the SGD array.

I can see the new certificate when browsing the gateway URL, i have the VDI broker restriction and then i have "Launching client" and then a gray/white screen.

In the SGD server logs i have an error :

WARNING: Routing token format invalid.

august 28, 2019 1:01:05 PM async.channel.router.AsyncRouterChannelService$ReadRoutingTokenOp parseBuffer

WARNING: Failed to read token for (TCP) Local=/XXXXXX:443, Remote=/XXXXXX:49937 via (SSL) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : async.channel.router.RoutingProtocol$RouteProtocolException: Could not read token body from websocket

i re-generated and re-followed the procedures again and again but still the same issue. I don't really see how to solve this.

Is someone have an idea ?

Thanks

Answers

  • Jan-Oracle
    Jan-Oracle Member Posts: 122 Employee
    edited Aug 28, 2019 11:28AM

    Is the time correct on the gateway and server, ie. are you using NTP? An incorrect routing token could be due to clock skew.

  • 4069143
    4069143 Member Posts: 2
    edited Aug 29, 2019 5:41AM

    yeah they have the same hour to the minute i double checked that too

    I just got the following error too:

    2019/08/29 11:38:11.938 (pid 26846) server/login/error  #1567071491938

    Oracle Secure Global Desktop (5.40.901) ERROR:

    Failed to generate an SGD gateway token.

    Exception was: com.sun.ssgd.routingtoken.RoutingTokenException: java.security.InvalidKeyException: Wrong key usage

        at com.sun.ssgd.routingtoken.RoutingToken.encode(Unknown Source)
        at com.sco.cid.net.services.GatewayTokenGenerator.generateToken(Unknown Source)
        at com.sco.tta.server.csh.ClientConnection.generateGatewayToken(Unknown Source)
        at com.sco.tta.server.csh.ClientConnection.addGatewayTokenToCookie(Unknown Source)
        at com.sco.tta.server.csh.ClientSessionObject.addGatewayTokenToCookie(Unknown Source)
        at com.sco.tta.server.soapcommands.EmulatorSession.buildOpenPEResponse(Unknown Source)
        at com.sco.tta.server.soapcommands.EmulatorSession.openPE(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at com.sco.tta.server.server.soap.SOAPControlledElement.invoke(Unknown Source)
        at com.sco.tta.server.server.soap.SOAPController.invoke(Unknown Source)
        at com.sco.tta.server.server.soap.SOAPCalcTask.processEnvelope(Unknown Source)
        at com.sco.tta.server.server.CalcTask.runTask(Unknown Source)
        at com.sco.tta.server.server.Task.run(Unknown Source)
        at com.sco.cid.common.WorkerPool$Worker.run(Unknown Source)
        at java.lang.Thread.run(Thread.java:748)

    Connections via the SGD gateway will fail

  • Jan-Oracle
    Jan-Oracle Member Posts: 122 Employee
    edited Aug 29, 2019 11:56AM

    This requires more dedicated support, you should open a Service Request