Facing some issue while importing example code in AURIX Development Studio

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
lock attach
Attachments are accessible only for community members.
enrico_b
Employee
Employee
First like given 10 sign-ins 5 solutions authored

Hi,

 

I am trying to use "AURIX™ Development Studio" Version: 1.3.0 but unable to import example code and getting following error as attached.

Please refer the attachment, file name: ADS_V1_3_0.jpg .

 

After this i suggested them to use latest version of ADS that is V1.6.0

With the latest version (V1.6.0) a new error message came.

Please refer the attachment, file name: ADS_V1_6_0.jpg .

 

Can you please help how can I solve it?

 

Also, 

May I know where can I find following options for below topics in same tool

Proxy setting
Port
Link path for repository path

0 Likes
1 Solution

Thank you for the provided information.

The issue you are facing is caused by the inability of ADS of performing a correct SSL handshaking with the Infineon servers.

The causes could be:

  • The Java Virtual Machine used to run ADS is using a wrong Trust Store, which is the "container"  of all certification authorities known by the Virtual Machine, which are used to establish encrypted connections. This doesn't look your case, from the configuration you sent me, you are correctly using the right TrustStore. To be 100% sure, you can perform the following steps:
    1. Overwrite the AURIX-Studio.ini in your ADS installation directory with the one attached to this reply (backup the old one, and unzip the new one)
    2. Launch ADS. A console should also open. Select a workspace and let ADS complete loading.
    3. Once ADS complete loads, scroll the console to the top, you should see a text similar to the following: enrico_b_0-1649773669033.png

       

    4. Search for the text "trustStore is:" and paste it here please. It should be a cacert file contained in the installation directory of ADS, like in the screenshot above. It should not rely somewhere else.
  • Another cause could be the presence of a proxy server configured to perform SSL interception (or SSL bumping), where the proxy server replaces the SSL certificates with its own. If this is the case, the TrustStore may not contain the Certification Authority (CA) that released the certificate used by the proxy server, and all connections with our remote servers would be prevented. To check if this is the case, do the following (instructions for Microsoft Edge):
    1. Open https://www.google.com
    2. Click on the small lock left of the URL enrico_b_1-1649774810841.png

       

    3. Click on the rift item of the list (it should be "the connection is safe", or something similar)enrico_b_2-1649774905410.png

       

    4. Click on the small certificate icon enrico_b_3-1649774959655.png

       

    5. You will get the information about the certificate in use. It should be released to "www.google.com", and the Certification Authority should be GTS CA 1C3. The screenshot below displays the information I am talking about (sorry the interface in italian). If you see other information, the certificate has been replaced by the proxy, and ADS cannot recognize it. If this is the case, please let me know, and I will try to find an alternative solution.Annotation 2022-04-12 165125.png

 

View solution in original post

0 Likes
10 Replies
enrico_b
Employee
Employee
First like given 10 sign-ins 5 solutions authored

I will try to help with the issue of the version 1.6.0, since the 1.3.0 is very old.

It seems a network configuration problem, but I ask you to please provide the ADS log files for further analysis.

To export the log file it please follow the following steps:

  • Open the Error Log view from the top menu bar: Window -> Show View -> Other -> General -> Error Log
  • From the error log, press on Export log
  • Please zip and attach the *.log file

Best regards,

Enrico

0 Likes
Di_W
Moderator
Moderator
Moderator
500 solutions authored 1000 replies posted 250 solutions authored

1.A compromise approach to download the source code from https://github.com/Infineon/AURIX_code_examples

2. To make sure your network config is correct. Or use a seperate PC without any network block to try.

 

dw

0 Likes
Ravikiran
Employee
Employee
10 sign-ins 5 sign-ins First reply posted

Please find the attached file for the error log details.

0 Likes
enrico_b
Employee
Employee
First like given 10 sign-ins 5 solutions authored

From a first analysis the error doesn't seem to be related to a network issue.

I need more information to further help you. Can you please provide the following two things:

  • The file "AURIX-studio.ini", which can be found in the root of the ADS installation directory
  • The ADS Configuration: From the top toolbar: "Help -> About AURIX Development Studio -> Installation Details (button bottom left) -> Select the "Configuration" Tab -> Copy the content to the clipboard (button "Copy to Clipboard" bottom right), and paste it to a text file.

Regards.

0 Likes
Ravikiran
Employee
Employee
10 sign-ins 5 sign-ins First reply posted

Please find the attached zip file.

0 Likes

Thank you for the provided information.

The issue you are facing is caused by the inability of ADS of performing a correct SSL handshaking with the Infineon servers.

The causes could be:

  • The Java Virtual Machine used to run ADS is using a wrong Trust Store, which is the "container"  of all certification authorities known by the Virtual Machine, which are used to establish encrypted connections. This doesn't look your case, from the configuration you sent me, you are correctly using the right TrustStore. To be 100% sure, you can perform the following steps:
    1. Overwrite the AURIX-Studio.ini in your ADS installation directory with the one attached to this reply (backup the old one, and unzip the new one)
    2. Launch ADS. A console should also open. Select a workspace and let ADS complete loading.
    3. Once ADS complete loads, scroll the console to the top, you should see a text similar to the following: enrico_b_0-1649773669033.png

       

    4. Search for the text "trustStore is:" and paste it here please. It should be a cacert file contained in the installation directory of ADS, like in the screenshot above. It should not rely somewhere else.
  • Another cause could be the presence of a proxy server configured to perform SSL interception (or SSL bumping), where the proxy server replaces the SSL certificates with its own. If this is the case, the TrustStore may not contain the Certification Authority (CA) that released the certificate used by the proxy server, and all connections with our remote servers would be prevented. To check if this is the case, do the following (instructions for Microsoft Edge):
    1. Open https://www.google.com
    2. Click on the small lock left of the URL enrico_b_1-1649774810841.png

       

    3. Click on the rift item of the list (it should be "the connection is safe", or something similar)enrico_b_2-1649774905410.png

       

    4. Click on the small certificate icon enrico_b_3-1649774959655.png

       

    5. You will get the information about the certificate in use. It should be released to "www.google.com", and the Certification Authority should be GTS CA 1C3. The screenshot below displays the information I am talking about (sorry the interface in italian). If you see other information, the certificate has been replaced by the proxy, and ADS cannot recognize it. If this is the case, please let me know, and I will try to find an alternative solution.Annotation 2022-04-12 165125.png

 

0 Likes

Thanks a lot for the continuous support on this topic.

I tried the second option and finds following setting, the certificate is not matching. Please find the below snapshot.

 

Ravikiran_0-1649915886011.png

 

0 Likes

HI, is there any updates on this ?

0 Likes

Hello,

you have to add the certificate generated by "your" intermediate CA (Zscaler) to the trust store of AURIX Development Studio.

Please note:

  1. this procedure will modify the ADS installation.
  2. If you upgrade/reinstall ADS, you will have to repeat this procedure again
  3. If the Zscaler certificate expires, you have to repeat this procedure

Procedure:

  1. Save the certificate on a file. From the "Certificate" window you posted on the previous message, click on the tab "Details", then you should see a button to export the certificate to a file. Click on that button and select "DER X.509 (.CER)" as a format. Save on any file
  2. extract the zip file attached to this message anywhere on the system, and move to that folder a cmd.exe terminal.
  3. Launch the following program: 
    keytool -import -v -trustcacerts -file <position of *.cer certificate file> -alias zscaler -keystore <ADS Installation>/plugins/com.infineon.aurix.jre.win32.x86_64_<ADS version>/jre/lib/security/cacerts -storepass changeit
    ​

At the end of the procedure ADS should recognize your intermediate CA.

Let me know how it goes.

Kind regards, Enrico

0 Likes
TBencher
Level 6
Level 6
25 solutions authored 25 likes received 5 questions asked

Hi Enrico,

a useful workaround could be as follows.
Rather than loosing valuable time by reconfiguring your ADS, you could just create a new project in ADS and copy the example files into that project. Depending on the the controller which you are actually using, you might need to make some adjustments before compilation. For me, that approach always works quite fine.

Best regards,

TBencher

0 Likes