[Gelöst] Cloud Desktop auf lokaler Installation nicht erreichbar

Administration
21

@Jean das hier steht am Ende von der setup_desktop.sh:

echo "
desktop.$DOMAIN {
  #tls internal
  redir / /guacamole/ 301
  reverse_proxy localhost:28925
}
" >> /etc/caddy/Caddyfile

Und dort ist ja ein # vor tls internal.

22

Neuinstallation hat nicht geklappt. Das # bei tls internal war immer noch da. Ich musste es händisch entfernen. Er lädt den Cloud Desktop immer noch nicht auch nach “sudo systemctl restart caddy” nachdem ich das # entfernt habe und die Datei gespeichert habe.
Log von docker-compose logs in /root/desktop: https://pastebin.com/mgVCqV6V

23

Sobalt ich auf die Verknüpfung im Portal klicke und mich anmelde lädt die Seite sehr oft neu. Dann lese ich: “LOGIN.INFO_IDP_REDIRECT_PENDING” danach “Bitte warten, Sie werden zum Inditätsprovider weiter geleitet” und dann wieder “LOGIN.INFO_IDP_REDIRECT_PENDING” und so weiter… Als Titel sehe ich dann manchmal “APP.NAME”. Hift das evtl.?

24

Aus Deiner ersten Log-Datei habe ich herausgelesen, dass guacamole das SSL-Zertifikat fehlt.

 docker cp /var/www/cert/lan.crt desktop_guacamole_1:/usr/local/share/ca-certificates/lan.crt
    # Also copy it to /opt/java/openjdk/jre/lib/security/cacerts inside the guacamole container
    docker cp /var/www/cert/lan.crt desktop_guacamole_1:/tmp/lan.crt
    docker exec -u 0 -it desktop_guacamole_1 update-ca-certificates
    # Trust the certificate in the java keystore
    docker exec -u 0 -it desktop_guacamole_1 bash -c "keytool -import -trustcacerts -keystore /opt/java/openjdk/jre/lib/security/cacerts -storepass changeit -noprompt -alias lan -file /tmp/lan.crt"

Das tls internal wird tatsächlich noch nicht manuell aktiviert, wenn man Cloud Desktop im internen Libre Workspace im Nachhinein installiert.
Wird im nächsten Update drinnen sein. Danke fürs melden.

Den Pastebin Link konnte ich nicht öffnen.

25

Also in der Datei von Pastebon stand fast das gleiche drin wie im ersten Log. Kommandos probiere ich jetzt.

26

@Jean Die Kommandos haben etwas gebracht. Bekomme aber folgenden Fehler:

Bildschirmfoto_2025-02-24_09-48-25
Bildschirmfoto_2025-02-24_09-48-251057×179 15.1 KB

Bildschirmfoto_2025-02-24_09-52-14

Muss ich danach noch irgendwas machen?
Ausgabe der Befehlen: (Habe sie in eine .sh Datei gepackt und diese dann mit sudo ausgeführt)

rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Certificate was added to keystore
27

Probiere mal auf dem internen Server.
(Auf einem öffentlichen Server nicht empfohlen)

ufw allow 3389
28

Danke für die Hilfe!

Ich musste die Befehle von Jean ausführen, genauso wie den ufw Befehl.

1 „Gefällt mir“
29

Ich muss mich hier leider nochmal melden. Da ich den Libre Workspace neu aufgesetzt habe (SSD war kaputt), wollte ich den Cloud Desktop auf einer lokalen Instanz nutzen. Das funktionierte nicht, also die Befehle von oben wieder ausgeführt. Hat aber nix gebracht. Hier ein Ausschnitt der Log Datei:

guacamole_1  | 16:09:13.596 [http-nio-8080-exec-2] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUwMDkwNzUzLCJpYXQiOjE3NTAwOTAxNTMsImF1dGhfdGltZSI6MTc1MDA4OTM2Niwibm9uY2UiOiJmdThwcjJkYjhkbGRvNmwwZjZpMjhoc3EyYyIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.P0LTWDFJ427204Km7sS-AycP9GbkeDBGvfvapxmnsf47AQSmvUeD-MIJSIPAqqmkyAPISKceOm6h939I15-_GBRyTy3fEizQqFn5lR3QpgA_tEZD3ZWaZXopJxJYPU4OsIGSKFCkyrE7wd4U5iPgSNsuzXAdBDh-aNUGb_sn71wXlKbZBVSTqZ7GX8sex2rz9mxRr-Wob0C55SpZeMDfA2c25Xbxiq4RxwVH-LVsZ88gz0dMfvY7y8-yYfmx1F8-gADOhkekG-RjiDA-9FXzoIoRObSDua0Sgz8fQgP7sMGRO63jvux-um0_yfhr128OeJJeaYXm5w2NSL8yAcYS5w]
guacamole_1  | 16:09:14.075 [http-nio-8080-exec-5] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUwMDkwNzUzLCJpYXQiOjE3NTAwOTAxNTMsImF1dGhfdGltZSI6MTc1MDA4OTM2Niwibm9uY2UiOiIxZTczZ3A4N201ODQ2a3Vtc2pmMWpiYWNyZCIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.KiFkJtljLRv7s_bUZpUWK1yfIpeX3QCfOc96cUAdok2hS5LqrQl8wPztXGvieRF23_jpnNoRw1juXMhPFoizFST5RIO-YP8prCpd7-uLx9Pl0IKM2taTyC_K6r35GI487g307fdaDCKC34ZXyK5E2l_TzcbOVNeSr6mOcZM5VTjUIpKZ8cBdKuI4WuwXMU4Q-t8iGZgA8AeqtL9Q4LgjpOiWDswK4TgS-Kh8n21vz9dsiF1EkVHEtQL814flHACDhi8ISRtQKqj1GieTQ_crFORiinOFHzBBikqG_XXP7ILj1Y4QgZ7ygtBlDvtM44A1B2vfhAWEZKBVTe_sa95AJw]
guacamole_1  | 16:09:14.534 [http-nio-8080-exec-4] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUwMDkwNzU0LCJpYXQiOjE3NTAwOTAxNTQsImF1dGhfdGltZSI6MTc1MDA4OTM2Niwibm9uY2UiOiJxY2w1cG1qNW5tdWNqamMycW5zZzdrb2NqayIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.uPJsWHsbPU7psMRDAv-9kIJKTKO41Gkm7OOYo4V-cltYTbGYuuBkFL4f4c-1EI__rjUXHY9H6k8vFShHuRLzjlNa0tPbiDhTFwRM3Fzqg7j3aMDap1Be0DahY1eE8vR4CAtdGA0ztI6nomXxZzSKGJSd4RGtJDQc-4DIHv9S6lhEtKid_6wWfx1lPkHA_YeJFkTLO9yzFPjmSZH9gvtDQsNiU1CH0G3Hhp1v1SrUVX3tBvxYPG0zbmemVRqFxuLmGt9FJrj6y1pU2_vaDgUe0OTM_pPuysq4czQVsw1HfEWX5_kDu8tbIMLtkt0UrjKrXPLrfetkFJw2AsMZ4YZMxg]

Vielen Dank im Voraus für die Hilfe!

30

Funktioniert das hier?

docker cp /var/www/cert/lan.crt desktop_guacamole_1:/usr/local/share/ca-certificates/lan.crt
    # Also copy it to /opt/java/openjdk/jre/lib/security/cacerts inside the guacamole container
    docker cp /var/www/cert/lan.crt desktop_guacamole_1:/tmp/lan.crt
    docker exec -u 0 -it desktop_guacamole_1 update-ca-certificates
    # Trust the certificate in the java keystore
    docker exec -u 0 -it desktop_guacamole_1 bash -c "keytool -import -trustcacerts -keystore /opt/java/openjdk/jre/lib/security/cacerts -storepass changeit -noprompt -alias lan -file /tmp/lan.crt"
31

Das ging nicht. Das hatte ich schon ausprobiert.

32

Gerade wollte ich wieder auf den Cloud Desktop hat nicht funktioniert. Hier der Log:

guacamole_1  | 10:53:45.146 [http-nio-8080-exec-12] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI0LCJpYXQiOjE3NTE3MTI4MjQsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiJpNzM0ODhhZ2lrY2dvamFuaXNoOHJlajcxcCIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.TvRtAwanwkEXyEcFMyH3C5pPDn0QPOlmfNZp5F15PO-QBh7AOfxS27ux60x0UjjSxx5cvDfzZWaaIOrhhfYsFrvg3Hrhu4aIy_RmXdVACm7UGR-KNx-PvMMySzuZ-a7CRvRtaqVmoQkiSBkwqoFMiTj832VZhLpxXxJCLzCNWAyjfoObVQB1GHLRFp58Dm7vUvr6oyPVZcmrRMr7Z7Q7HuXyzp5EHPk8NZ9q2gRJIzcLtsvZvFs5PNrZR9nFqHPXZsd5_pqDJDXUBnT5sVdyraqn3wLF0dj2kcHs9BW4t7IyZv3yugIK5343Zhzpfu_jG7Bx1Lmh3s9_WeHLB0WQqQ]
guacamole_1  | 10:53:45.688 [http-nio-8080-exec-7] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI1LCJpYXQiOjE3NTE3MTI4MjUsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiJwMjVtOTVocWNjN3NlZ2gza2ZycGhqZ2lkMyIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.G6167q7ZSMmWbE3Sa02It3lB5NXD1SY8s-IuYEbZxEN7lRZLE1H8H9u-PXIRNKREvfR0jY43-QGRIRU8HoaO-V1NVWhaVSpBAYQAXW08bgxGtgrgKHFr_xZKdnA_fLHKaDyqfoIHwmgYBFYGBTlPYM4vyR4FuEf4npJWZP8rSlrVZz7wvf3uTBXNQDpzliDAKN5b54d0fnkX8DeoFQv7x994ouiHlehZ-U19uBs-SetscxjSNdCtuGViwGEXykmefRbBmEzsW-2XSSY8KYFuToB1Zu44UCqbO00UNFrBMrSjor6az9RHMMMadxVKW0y_H8nEo-tcYr9q2VkFzG9GtA]
guacamole_1  | 10:53:46.227 [http-nio-8080-exec-4] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI1LCJpYXQiOjE3NTE3MTI4MjUsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiJsYmc2MTVxcHJrNmMxMG5jbTQ2amprcDJvaiIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.aiB78hTbzVmFyKhK9TTguVWkjfgN7kRaMNon4YA5ZtXJH8VNNjJlK1noFVPSYADmQd7az7DkIvwLWqWWBOG6HYPpu59x_jVWrUXSFn0F7kgH4h7-NPIE-EdzKR8AxuViKzQMeoYi_FYRy-8z1QAMXAEHErM-PAEQ72tgYzetkY3_NlrkHYvbHN-Y4jUQmiMkd8TQlTHroy7yh39K-Uj1C3k6eSvH5Y6zR_KO6-DlN0r16tREfiFSLMGx6K20SpUqUxOz-M1MCniykFTO25cqHni8d89r7_rQ_9oSeyE5nqxHTpaL7w5iqneLft1Cd8n9tSRdq73ATtgQURgVv4cPRA]
guacamole_1  | 10:53:46.732 [http-nio-8080-exec-1] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI2LCJpYXQiOjE3NTE3MTI4MjYsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiJqMjhibzZwaDI3aDhocThzc3UyaXZoajM4NiIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.TTFVsKH3dP4Hn655Y7ssjQzcqo_oXtav0xed4GWkOpdzDBB6eqSc7gWGf8z6MY8geo3lliFR8yQk_QpFhS0Sz8GBOZzhwLHUy9JJjnM4le-OSX_ehsZolNV-DfsOvw0eTygQaySVjPsmaKVbO345wVAz_QDfJLU54PXlXyIG04Iiz-kJIj4wHquLyUOb1sAca7tXdyuK8cA46TK1oiHADvb4kUGaSHukS1xgFlOrbhBVuCF7el91YlWiTH556PMr6Y1kGpfJL2a8k8t-R897AKVxkJV1arq3RqyGT619HnCf4bTGlSRRO3PI1qSyoogatkVh5Kh0C-VmBcXo412fCQ]
guacamole_1  | 10:53:47.238 [http-nio-8080-exec-6] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI2LCJpYXQiOjE3NTE3MTI4MjYsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiJzanM1OW51M2dyczJoZDllOTNsbXNtcTZ0MSIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.NJMzZnpWmUEvCZMJQPAwJDyLuf64YdG3GRZA6rTkB_D1-VrBDCmiZXfofWFd9h5aclmg7EyMoGKRU17v_7IURoDCcqdulELROFAr5417KBJytzo4hE45YyAAgsLl1tOlzDBw0BOe6BXkT24gjtB-cqSL-XtUi_DgnhYtDdzRkajNAuUptbvKIA7p4thBt6daOvJ_FOFcjNa94wMACs4Wg_XKONkULbTjblkrxvIkPO7l75cbqyouFBgu3ug8cyrfVOOkrNZdicu1M8VRXSYVYjzyiG96F6Mlwnc5-V6hV7_zLPufjdJSauO_8DNaoNeqjOF3Syn3-yOXhFG9AjuDuQ]
guacamole_1  | 10:53:47.818 [http-nio-8080-exec-8] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI3LCJpYXQiOjE3NTE3MTI4MjcsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiJzczVvODJ2OG5jNHQ0ZW9obHY4ZzQzOTYzbiIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.m81WzP84uyJHU8SHDv_XWTr3O7BHWUtM5eroqnTzID4dAiRGKvIpCKqhLKb9y-bnI7kdRjUzvOfNGimVsqRI6wRjyO8tanlU6lJHEMI6mSzTq2NA3lZEuCuvv1l-IYBz9R7vAw6bYMJg1_5T_ferS-qjv-AMPH0d_Z5oFuoAGKHohGaR_spwbeVokwzyLFrJFb36infe3brkMlMjIUfRfu6lz6pVjwwF1EtyU2iJCz1njGB26-8fBvl_o38NIVJZl7imGVar_ST6-uvVx-OvdH2EHKsVrMElb8vlRbZnh6abr0emuzxFFRtcnMP0DyWOoCY6dLSfmcVmiUJWsNF80Q]
guacamole_1  | 10:53:48.293 [http-nio-8080-exec-5] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI3LCJpYXQiOjE3NTE3MTI4MjcsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiIyNWlzcWwzYW40N3VvY3ZncWk0NWs2aDRndSIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.CsnwQ6pDpDcQaXwyMN1bLLwu9Aun1_2wTfbYQrlOsLKwUGl6-CxYeeQACCFK6TA2qb2-dWdwijlCH3bGs7rTRsiHspuC3oo_-aSRY9wbnxtPuMuVF3X94mi1Ol8ilTo3q8sGUvtrK9FOCwxqv8evrwwDLU-9h8hvQB9YjbvBZimjnpLQVn13S48m6F8lDhVxm1OVDgW-2TkCfIJjB8MybMge7r5VqIqVQIVJ8LacemvDm6PXSVNQUWnVsg5_ChBoWMNMJaOMv8ut8pONgB2uFYf8a6vxfRAeXUqPEG26RVmjNpIleVLc9FVvcRMf-ZrxQyfcomi1dmxOetL3qBUdxg]
guacamole_1  | 10:53:48.855 [http-nio-8080-exec-6] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMiIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNDI4LCJpYXQiOjE3NTE3MTI4MjgsImF1dGhfdGltZSI6MTc1MTcxMjgxNSwibm9uY2UiOiI0aHN0NXRpYmdoNGduZjUzaWd0bXVnczNkaiIsImVtYWlsIjoidmFsZW50aW4uaGVpbnR6ZUBwb3N0ZW8uZGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6IlZhbGVudGluIEhlaW50emUiLCJnaXZlbl9uYW1lIjoiVmFsZW50aW4iLCJmYW1pbHlfbmFtZSI6IkhlaW50emUiLCJuaWNrbmFtZSI6InZhbGVudGluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidmFsZW50aW4iLCJwcm9maWxlIjp7Im5hbWUiOiJWYWxlbnRpbiBIZWludHplIiwiZ2l2ZW5fbmFtZSI6IlZhbGVudGluIiwiZmFtaWx5X25hbWUiOiJIZWludHplIiwibmlja25hbWUiOiJ2YWxlbnRpbiIsInByZWZlcnJlZF91c2VybmFtZSI6InZhbGVudGluIn19.SjuOXumXave3G2YE6RtuyhFUbJklUzE_d34jYlusmwPJHBRvIcQl2PkXBgZv-nT3-gXHZkGLakmmMTYpg8FVlMhqD1T3ZTjhJ9ze7AN2JWk9fUjeYkhYYDgm_OvjW5Wo1Q_0MkSwuXJtF-0hCZvy9C74d0m8AzYaqw23i1hMP1gxOhJrDFigVQhm1ae11U6elFuIVhYcM44ikl5ZQFWE8MxO0B8C0CcIsCIdxsyfXubjY9DVYqEolT386mwXN7DGQTb1sOsE3Q9qJxnwRg7OyaA39NNxVAtcLbafAxmfNVFp19rjQHO9HFCOc0HbI7J_9D0KPTD3OdDzJlmsp_Dqzw]

Ausgabe der Befehle von Jean:

Updating certificates in /etc/ssl/certs...
rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Certificate was added to keystore

Aber auch danach gleicher Fehler:

guacamole_1  | 10:57:53.743 [http-nio-8080-exec-14] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMSIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNjczLCJpYXQiOjE3NTE3MTMwNzMsImF1dGhfdGltZSI6MTc1MTcxMzAzOSwibm9uY2UiOiJyOHF2b245cGN2NXZiNGI0Yzh2NnZuNmhobyIsImVtYWlsIjoiICIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiICIsImdpdmVuX25hbWUiOiIgIiwiZmFtaWx5X25hbWUiOiIgIiwibmlja25hbWUiOiJBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByb2ZpbGUiOnsibmFtZSI6IiAiLCJnaXZlbl9uYW1lIjoiICIsImZhbWlseV9uYW1lIjoiICIsIm5pY2tuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByZWZlcnJlZF91c2VybmFtZSI6IkFkbWluaXN0cmF0b3IifX0.MOvoVoXHtYP1P4JkA7CSKE6rMTcoH0_Z7BmjZoTXmv5rT3A3QKp4fHblBfm2aW0SBv618XxSHYAssyhZq6yEhdRKbL7_ddIu91JGQIMO_dCVs1v1kmppLBKTra7OcXUXQmX2Xx1mhSKfC1rPnGmmP-y9SEtue-z5RzetNhyDcNu6-DWLNw6AjuM-b1uHcc5iSIQmShtNQ4IkvbCrjafwV6cMCsX1oOstAYIim4Wu2loN1F8MPh0jSMj4UaEwGv1GvlRdDqF-LtaSUBKL2rp1HZ-Z8PS1t5IVoTD8CQhGrMLJFto4mPDXpbTCsCtgXQIGCLug0i0ZqZGEbCj096SLBQ]
guacamole_1  | 10:57:54.200 [http-nio-8080-exec-7] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMSIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNjczLCJpYXQiOjE3NTE3MTMwNzMsImF1dGhfdGltZSI6MTc1MTcxMzAzOSwibm9uY2UiOiJmMDl2YXRpbDA3ODlqajFxdDE1b2VhYjZuNiIsImVtYWlsIjoiICIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiICIsImdpdmVuX25hbWUiOiIgIiwiZmFtaWx5X25hbWUiOiIgIiwibmlja25hbWUiOiJBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByb2ZpbGUiOnsibmFtZSI6IiAiLCJnaXZlbl9uYW1lIjoiICIsImZhbWlseV9uYW1lIjoiICIsIm5pY2tuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByZWZlcnJlZF91c2VybmFtZSI6IkFkbWluaXN0cmF0b3IifX0.bYxRpyR9BGfhVqV9bikgvOvXdPMJlkq1zyklQNtO_b1Yg9ReDGKg9jX5Mszv9sXaSmGxNf6q2Lu7yFdoxkPSCWP_sGbonKIFthor590QcPMs2RLLaUO4JF_wDrNShVLH9XE5jfBpr7YXaxT-CoS7R2Qga_-yRsIFLBCCWYhz_Dgylny9dk-WJl69Ln82izQW4Sn7ibmqr_QrtHiveM9U1as1tM9VauCH_-XZfuzmlej0T9K_lgQ7rhpWG3xsy0iLapSk9TkR-KqLtu9n97Dyby2PT_E2iVTs_SqoOhhjY5MlYTp7u_ZMldSXa6f_hNXS_r0GAzu4Nba-7nyeGMC_gA]
guacamole_1  | 10:57:54.859 [http-nio-8080-exec-13] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMSIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNjc0LCJpYXQiOjE3NTE3MTMwNzQsImF1dGhfdGltZSI6MTc1MTcxMzAzOSwibm9uY2UiOiJucDVwYjZ1bTM0aWV0N20zdGRhcm5yb2twNSIsImVtYWlsIjoiICIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiICIsImdpdmVuX25hbWUiOiIgIiwiZmFtaWx5X25hbWUiOiIgIiwibmlja25hbWUiOiJBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByb2ZpbGUiOnsibmFtZSI6IiAiLCJnaXZlbl9uYW1lIjoiICIsImZhbWlseV9uYW1lIjoiICIsIm5pY2tuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByZWZlcnJlZF91c2VybmFtZSI6IkFkbWluaXN0cmF0b3IifX0.E2OntSbvMn7SIvmghqbnoKMEW8Sj4zriJYDxG-JEyOt-fW6BJK8J1tBCx504mPsjf9YPJu1NbxCvx7KJ_ybbnG8DcPrtq_gkxH_XkXmOHPI75otcPnqHhSCzdFJjcRUHMlwYoS_GsxsxeT_QYMzPpOSvpZe91elpOCuildxGqcHy7wuffngzB_B2WN9OOLTJGpfkd5rQaDgtjw1YOG1m_vm50zJUATYMtSun9v758gnVzr262NgY_042XZn1DE1xQf8h1ANW4MoCIaz_-wA8JeVDZZVoOp4FVP8L0FFQzOxSdVvMQTSYt08t99k5-itWz4R-Di-1ltO1w7nlZwJPrA]
guacamole_1  | 10:57:55.290 [http-nio-8080-exec-8] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMSIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNjc0LCJpYXQiOjE3NTE3MTMwNzQsImF1dGhfdGltZSI6MTc1MTcxMzAzOSwibm9uY2UiOiJvOHYzNzE5NHRnZ2FhYmQxdm5rN21oMm5yaCIsImVtYWlsIjoiICIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiICIsImdpdmVuX25hbWUiOiIgIiwiZmFtaWx5X25hbWUiOiIgIiwibmlja25hbWUiOiJBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByb2ZpbGUiOnsibmFtZSI6IiAiLCJnaXZlbl9uYW1lIjoiICIsImZhbWlseV9uYW1lIjoiICIsIm5pY2tuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByZWZlcnJlZF91c2VybmFtZSI6IkFkbWluaXN0cmF0b3IifX0.gqkC_QNBYGivRZ_evGwQ8fdvKUAqJ-o969OjPPf5zEPIdLRSmW4EjqxlQepqX_xhF2D1TfKCPT6Qb2oGXgL_FKsXboMTEvtMj5NUB0PFcHHRwZrVlBgDPLSkD-qpR3FFopA0x_ikQAuaIwr90TiNa-WBkxvcq1QYK3PS3rjQJILJuR64Nh6zgmifmOD5s48d7Lo-LfgFR5DtRvMuws1_s4A6z5UKk5yyphh3sBKX-aIXvul3JXOt27LDJkBXCErH_ezVNUsRDKIte-aXPLwhkYV13P2XzsrvdJXEi9Hf1xcWFsxgcpVFSTSH-UgJMkcfWh5Xq8FjEgFvbELA3Vx4Pg]
guacamole_1  | 10:57:55.741 [http-nio-8080-exec-14] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMSIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNjc1LCJpYXQiOjE3NTE3MTMwNzUsImF1dGhfdGltZSI6MTc1MTcxMzAzOSwibm9uY2UiOiJmOHNzcWozZmE4Z2UycGNqbmtmbTIyYXJmYiIsImVtYWlsIjoiICIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiICIsImdpdmVuX25hbWUiOiIgIiwiZmFtaWx5X25hbWUiOiIgIiwibmlja25hbWUiOiJBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByb2ZpbGUiOnsibmFtZSI6IiAiLCJnaXZlbl9uYW1lIjoiICIsImZhbWlseV9uYW1lIjoiICIsIm5pY2tuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByZWZlcnJlZF91c2VybmFtZSI6IkFkbWluaXN0cmF0b3IifX0.cUrPb_XStzfl14DTbPFjHT-Kd-d5gwey7uma2WJbj6ymSVAtimZv0mXkdaF9UfIYB9DKu59EFS3jFdz41pDh7aH8e_VK6Ask_rVSNS1onvMDHvEMBvyth_8r0UtntTdN9oYn_Uo7sqEPeJD5-wlCfH3-MN-gy3ZflTFBDBZm5mS1hf4sE7U11pvGVS311eLNP3ZJpjg14y_xdbXoCSvEWDsFiJ3LeZ471r9lxtyRdlx2abSfnyJA4eNBhKmwXRYkM_fzjsNm5mf1D3cmIN6CXQ2eevumlzBdFXnM3idaFw8_US9KQi59TD71DE6MGc_QlZbUYoPS_mPIV0xBQGWzRQ]
guacamole_1  | 10:57:56.205 [http-nio-8080-exec-7] INFO  o.a.g.a.o.t.TokenValidationService - Rejected invalid OpenID token: JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.UnresolvableKeyException: Unable to find a suitable verification key for JWS w/ header {"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"} due to an unexpected exception (javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) while obtaining or using keys from JWKS endpoint at https://portal.int.de/openid/jwks): JsonWebSignature{"alg":"RS256","kid":"32e6c260f998a672f8d512ddf15416d2"}->eyJhbGciOiJSUzI1NiIsImtpZCI6IjMyZTZjMjYwZjk5OGE2NzJmOGQ1MTJkZGYxNTQxNmQyIn0.eyJpc3MiOiJodHRwczovL3BvcnRhbC5pbnQuZGUvb3BlbmlkIiwic3ViIjoiMSIsImF1ZCI6ImVuZ0FaNmllIiwiZXhwIjoxNzUxNzEzNjc1LCJpYXQiOjE3NTE3MTMwNzUsImF1dGhfdGltZSI6MTc1MTcxMzAzOSwibm9uY2UiOiJ0cmVqNGowdDE3YmczYzM2dTRwa2phMGdzYyIsImVtYWlsIjoiICIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiICIsImdpdmVuX25hbWUiOiIgIiwiZmFtaWx5X25hbWUiOiIgIiwibmlja25hbWUiOiJBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByb2ZpbGUiOnsibmFtZSI6IiAiLCJnaXZlbl9uYW1lIjoiICIsImZhbWlseV9uYW1lIjoiICIsIm5pY2tuYW1lIjoiQWRtaW5pc3RyYXRvciIsInByZWZlcnJlZF91c2VybmFtZSI6IkFkbWluaXN0cmF0b3IifX0.oe9KkGo0VT5wl5H9Fef1JEZsSkwPqIj_d0JeScwl7BElqmZqRuPhroDd4GsO5_b1v6b6hidhsl4vVuHBq1numkx-J3kabc_m-fwrD_VIS8jfw1VQ53ObHkA35E7yDLLibAujWikx-5K6L8UQV33feF11IKwS-FwQ5n0gt3dR5KJREsEHf-A4qsnUsjh2nz0fs4ZFP8X_oSIGuJdQ2um_Au_W7XUH2Mx0IE1pa-Fe72BnXSEKqEuqGKPD3fj889_AjVyMAGmDeQv5HWRGUPcVQJDtlwk4_fxk6MkgvYsmSt4QQw_gGluTti-7Uqd5r7_8R1M_l15c6M_rAg8CMZSqUg]

VG, der LinuxFan

33

Jetzt geht er wieder… Keine Ahnung warum.