In the ZitiConnectionSocketFactory class as part of the ziti-springboot-client, the connectSocket method creates an InetSocketAddress from the provided host parameter's hostName and port attributes. This causes a potential delay while the InetSocketAddress class attempts to resolve the provided name and port to a resolved address.

This is unnecessary since Ziti only uses the hostName and port when resolving the service for the connection.

Instead, the ZitiConnectionSocketFactory should use the InetSocketAddress.createUnresolved method to avoid the lookup delay.

when running using Java 14, trying to initialize a keystore from within code will end up throwing:

Exception in thread "main" java.security.KeyStoreException: non-null password required to create PrivateKeyEntry
	at java.base/java.security.KeyStoreSpi.engineSetEntry(KeyStoreSpi.java:558)
	at java.base/sun.security.util.KeyStoreDelegator.engineSetEntry(KeyStoreDelegator.java:173)
	at java.base/java.security.KeyStore.setEntry(KeyStore.java:1584)
	at org.openziti.identity.Enroller.enroll(Enroller.kt:91)

This seems to happen due to Enroller.kt where protect is initialized to an empty char array or null:

        val protect = if (keyStore.type == "PKCS12") KeyStore.PasswordProtection(charArrayOf()) else null

        keyStore.setEntry(alias, pke, protect)

I am using the ZitiSpringBoot example more or less as-is. Whenever network connectivity is lost and then restored no terminators exist in ziti. I verified using ziti cli and the list of terminators is empty.
Restarting my spring application causes it to reestablish all terminators correctly.

After starting the VPN, a NoClassDefFoundError error occurs when the browser accesses the service, causing the program to crash
The code on line 148 is val kp = if (service.encryptionRequired) Crypto.newKeyPair() else null
Here are the error details:
java.lang.NoClassDefFoundError: failed for class com.ql.wzwsdk.crypto.Crypto; see exception in other thread
at com.ql.wzwsdk.net.ZitiSocketChannel.connectInternal$wzwSdk_debug(ZitiSocketChannel.kt:148)
at com.ql.wzwsdk.net.ZitiSocketChannel$connectInternal$1.invokeSuspend(Unknown Source:15)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:108)
at kotlinx.coroutines.internal.LimitedDispatcher$Worker.run(LimitedDispatcher.kt:115)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:103)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:793)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:697)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:684)
Suppressed: kotlinx.coroutines.internal.DiagnosticCoroutineContextException: [StandaloneCoroutine{Cancelling}@a9c7c6d, Dispatchers.IO]

Need to create ziti Java 9+ module in order to request/allow proper permissions for reflection operations against java.net package

When I download the source code and use the compiler to load it， something went wrong.

Caused by: io.wusa.exception.NoCurrentCommitFoundException: io.wusa.exception.GitException: Executing git command failed with 128 at io.wusa.GitService$Companion.getCurrentShortCommit(GitService.kt:100) at io.wusa.GitService$Companion.currentCommit(GitService.kt:23) at io.wusa.Info.getShortCommit(**Info.kt:27**) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at build_3qmj6whua6rs518j1chwoi9m0$_run_closure4.doCall(**C:\Users\**\AndroidStudioProjects\ZT_Project\build.gradle:74**) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at org.gradle.util.internal.ClosureBackedAction.execute(ClosureBackedAction.java:73) at org.gradle.util.internal.ConfigureUtil.configureTarget(ConfigureUtil.java:155) at org.gradle.util.internal.ConfigureUtil.configure(ConfigureUtil.java:106) at org.gradle.util.internal.ConfigureUtil$WrappedConfigureAction.execute(ConfigureUtil.java:167) at org.gradle.internal.extensibility.ExtensionsStorage$ExtensionHolder.configure(ExtensionsStorage.java:173) at org.gradle.internal.extensibility.ExtensionsStorage.configureExtension(ExtensionsStorage.java:64) at org.gradle.internal.extensibility.DefaultConvention.configureExtension(DefaultConvention.java:364) at org.gradle.internal.extensibility.DefaultConvention.access$500(DefaultConvention.java:45) at org.gradle.internal.extensibility.DefaultConvention$ExtensionsDynamicObject.tryInvokeMethod(DefaultConvention.java:301) at org.gradle.internal.metaobject.CompositeDynamicObject.tryInvokeMethod(CompositeDynamicObject.java:98) at org.gradle.internal.extensibility.MixInClosurePropertiesAsMethodsDynamicObject.tryInvokeMethod(MixInClosurePropertiesAsMethodsDynamicObject.java:34) at org.gradle.groovy.scripts.BasicScript$ScriptDynamicObject.tryInvokeMethod(BasicScript.java:135) at org.gradle.internal.metaobject.AbstractDynamicObject.invokeMethod(AbstractDynamicObject.java:163) at org.gradle.groovy.scripts.BasicScript.invokeMethod(BasicScript.java:84) at build_3qmj6whua6rs518j1chwoi9m0.run(**C:\Users\**\AndroidStudioProjects\ZT_Project\build.gradle:73**) at org.gradle.groovy.scripts.internal.DefaultScriptRunnerFactory$ScriptRunnerImpl.run(DefaultScriptRunnerFactory.java:91) ... 177 more

achieve parity with openziti/sdk-golang#458

The zitiHttpClient bean sets the response timeout using MICROSECONDS but the value and default values are in MILLISECONDS.

Host names are not case normalized when they are registered with the ZitiDNSManager, however host names are forced lowercase during requests to resolve.

This mismatch appears to be a bug.

need a README file

Injecting ziti standard/ssl socket factory to the transport of OKHttp client does not seem to work consistently while sending HTTP requests.

4 of 5 request fails with the "UnknownHostException".

Trying to use a socket through the ZitiContext.connect(...) fails.

ZitiContext ctx = Ziti.newContext(...);
Socket socket = ctx.connect('test.host', 8080);

This results in a socket but the isConnected() method returns false yet when calling connect on the socket again throws an AlreadyConnectedException.

The workaround is to use
Socket sock = Ziti.getSocketFactory().createSocket();
sock.connect(new InetSocketAddress(host.getHostName(), host.getPort()), connectTimeout);
which results in a connected socket.

I would expect a context.connect(...) to work the same way as the factory workaround.

After testing ZDBC, I can say it works natively with MSSQL either using JAVA code or a Database client such as SquirrelDB.
Adding an example class of how to use it may be helpful, and so updating the Driver Features table from the main zdbc README.

According to the https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html#keystore-types specification, the official type is defined as pkcs12. In Enroller.kt it specifically requires the upper case name:
if (keyStore.type == "PKCS12"). This should be a case insensitive comparison.
There is also a KeyStore.getDefaultType() that returns pkcs12 in lower case

Hi, I am using ziti sdk v0.21.0 in my application and it is packaged as a fat/one jar. When I try to do a zitisocket connect, I get the following error: I tried searching a bit on the net and tried few suggestions but did not work. Please take a look

java.lang.ExceptionInInitializerError: null
at org.openziti.net.ZitiSocketChannel$connect$2.invokeSuspend(ZitiSocketChannel.kt:149)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:571)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:678)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:665)
Caused by: com.goterl.resourceloader.ResourceLoaderException: Failed to load the bundled library from resources by relative path (mac/libsodium.dylib)
at com.goterl.resourceloader.SharedLibraryLoader.load(SharedLibraryLoader.java:66)
at com.goterl.lazysodium.utils.LibraryLoader.loadBundledLibrary(LibraryLoader.java:134)
at com.goterl.lazysodium.utils.LibraryLoader.loadLibrary(LibraryLoader.java:107)
at com.goterl.lazysodium.SodiumJava.(SodiumJava.java:34)
at org.openziti.crypto.JavaCryptoLoader.load(JavaCryptoLoader.kt:26)
at org.openziti.crypto.Crypto.(Crypto.kt:49)
... 7 common frames omitted
Caused by: java.io.IOException: Failed to list contents of file:/Users/dineshsubramanian/nfprojects/clientsync/target/clientsync-0.0.1-SNAPSHOT.jar!/BOOT-INF/lib/lazysodium-java-5.0.1.jar!/mac/libsodium.dylib
at com.goterl.resourceloader.ResourceLoader.doCopyDirectory(ResourceLoader.java:362)
at com.goterl.resourceloader.ResourceLoader.copyDirectory(ResourceLoader.java:354)
at com.goterl.resourceloader.ResourceLoader.getFileFromFileSystem(ResourceLoader.java:248)
at com.goterl.resourceloader.ResourceLoader.copyToTempDirectory(ResourceLoader.java:88)
at com.goterl.resourceloader.SharedLibraryLoader.load(SharedLibraryLoader.java:53)
... 12 common frames omitted

the sample project I generated Aug 2021 no longer works. Using 0.22.+ for my dependency works.

  	implementation 'org.openziti:ziti:0.22.+'

I'm putting up a PR for the samples in a minute which should illustrate the issue and contains steps to reproduce the issue

Using the ziti-springboot-client's restTempate to call a service and during the service connection this exception is thrown:

As you can see from the debug details, the channel is connected but throws an exception when returning the local port.

Running a hosted service so the service just sits there listening. Every minute this line is logged. I gave a quick scan of markdowns but didn't see any clear guidance indicating the preferred method of suppressing this message. Document the preferred method of logging/handling log messages

2022-04-05 18:24:35.416  INFO 23700 --- [atcher-worker-7] ZitiContextImpl                          : current edge routers = [EdgeRouter(name=an-edge-router, hostname=, supportedProtocols={tls=tls://100.25.84.148:443}, urls=null)]
2022-04-05 18:25:35.781  INFO 23700 --- [atcher-worker-7] ZitiContextImpl                          : current edge routers = [EdgeRouter(name=an-edge-router, hostname=, supportedProtocols={tls=tls://100.25.84.148:443}, urls=null)]
2022-04-05 18:26:36.155  INFO 23700 --- [atcher-worker-5] ZitiContextImpl                          : current edge routers = [EdgeRouter(name=an-edge-router, hostname=, supportedProtocols={tls=tls://100.25.84.148:443}, urls=null)]
2022-04-05 18:27:36.838  INFO 23700 --- [atcher-worker-7] ZitiContextImpl                          : current edge routers = [EdgeRouter(name=an-edge-router, hostname=, supportedProtocols={tls=tls://100.25.84.148:443}, urls=null)]
2022-04-05 18:28:37.227  INFO 23700 --- [atcher-worker-5] ZitiContextImpl                          : current edge routers = [EdgeRouter(name=an-edge-router, hostname=, supportedProtocols={tls=tls://100.25.84.148:443}, urls=null)]
2022-04-05 18:29:38.112  INFO 23700 --- [atcher-worker-5] ZitiContextImpl                          : current edge routers = [EdgeRouter(name=an-edge-router, hostname=, supportedProtocols={tls=tls://100.25.84.148:443}, urls=null)]

When my application performs a normal shutdown, the following warnings are displayed. Appears like something is misconfigured

[DefaultDispatcher-worker-6] WARN Channel[tls://0ca8c165-4fee-4c98-be2a-d499765b61cf.production.netfoundry.io:443] - channel disconnected: Job was cancelled
[DefaultDispatcher-worker-3] WARN ziti-conn[wintermute/1] - failed to send FIN message: kotlinx.coroutines.JobCancellationException: Job was cancelled; job=SupervisorJobImpl{Cancelling}@7940e565
[DefaultDispatcher-worker-2] WARN ziti-conn[wintermute/1] - failed to send StateClosed message: Job was cancelled

If normal, maybe warning level is not correct for these messages

When I wanted to integrate the SDK into my Android project，

Why does this problem arise？

The Ziti Java SDK has a call to wait for a service to be available
zitiContext.getService(name,timeout)

I would like the same ability to wait for a service by an InetAddress
zitiContext.getService(addr,timeout)

After embedding this sdk, will the global traffic of the entire mobile phone go through the Ziti network? Or only the current app
Also, after embedding this sdk, can it intercept a specified app on the mobile phone from going to the ziti network, or a specific ip/domain from going to the ziti network

Hi, I have created an endpoint and I am trying to enroll using the jwt as below:

    zitiContext = Ziti.enroll(ks,tokenStream.readAllBytes(),name);

The endpoint appears as registered in the console, however I get the following ziti controller login failure error:

    18:23:18.664 [main] INFO ZitiImpl - ZitiSDK version 0.18.5 @ddfeffc()
    18:23:20.208 [DefaultDispatcher-worker-1 @coroutine#1] DEBUG ziti-enroller - enrolling ctrl[https://23.22.127.125:443] name[3zIUuFGBC] method[ott]
    18:23:21.366 [DefaultDispatcher-worker-1 @coroutine#1] DEBUG ziti-enroller - received 4 certificates
    WARNING: An illegal reflective access operation has occurred
    WARNING: Illegal reflective access by org.openziti.net.nio.AsyncTLSSocketFactory (file:/Users/dineshs/.m2/repository/org/openziti/ziti/0.18.5/ziti-0.18.5.jar) to method java.net.Socket.getImpl()
    WARNING: Please consider reporting this to the maintainers of org.openziti.net.nio.AsyncTLSSocketFactory
    WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
    WARNING: All illegal access operations will be denied in a future release
    18:23:23.014 [DefaultDispatcher-worker-1 @coroutine#2] DEBUG ZitiContextImpl - 3zIUuFGBC[null]@https://23.22.127.125:443 transitioned to Loading
    18:23:23.072 [OkHttp https://23.22.127.125/...] DEBUG Controller - POST https://23.22.127.125/authenticate?method=cert session=null t[OkHttp https://23.22.127.125/...]
    18:23:23.419 [OkHttp https://23.22.127.125/...] DEBUG async-tls/1 - transitioning [initial -> connecting] 
    18:23:23.421 [DefaultDispatcher-worker-3 @coroutine#4] DEBUG async-tls/1 - transitioning [connecting -> handshaking] 
    18:23:23.537 [DefaultDispatcher-worker-3 @coroutine#4] DEBUG async-tls/1 - engine status = NEED_WRAP
    18:23:23.537 [DefaultDispatcher-worker-1 @coroutine#6] TRACE async-tls/1 - start reading loop()
    18:23:23.539 [DefaultDispatcher-worker-3 @coroutine#4] TRACE async-tls/1 - engine.handshakeStatus = NEED_WRAP
    18:23:23.541 [DefaultDispatcher-worker-3 @coroutine#4] TRACE async-tls/1 - engine.handshakeStatus = NEED_UNWRAP
    18:23:23.759 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_TASK
    18:23:23.765 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_UNWRAP
    18:23:23.766 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_TASK
    18:23:23.771 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_UNWRAP
    18:23:23.771 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_TASK
    18:23:23.772 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_UNWRAP
    18:23:23.772 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_TASK
    18:23:23.773 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_UNWRAP
    18:23:23.774 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_TASK
    18:23:23.779 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_WRAP
    18:23:23.780 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_UNWRAP
    18:23:23.997 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NEED_UNWRAP
    18:23:23.998 [DefaultDispatcher-worker-3 @coroutine#6] TRACE async-tls/1 - engine.handshakeStatus = NOT_HANDSHAKING
    18:23:23.998 [DefaultDispatcher-worker-3 @coroutine#6] DEBUG async-tls/1 - handshake completed
    18:23:23.998 [DefaultDispatcher-worker-3 @coroutine#6] DEBUG async-tls/1 - transitioning [handshaking -> connected] 
    18:23:24.017 [DefaultDispatcher-worker-3 @coroutine#7] TRACE async-tls/1 - ssl state Status = OK HandshakeStatus = NOT_HANDSHAKING
    bytesConsumed = 24 bytesProduced = 53 sequenceNumber = 1
    18:23:24.019 [DefaultDispatcher-worker-3 @coroutine#8] TRACE async-tls/1 - ssl state Status = OK HandshakeStatus = NOT_HANDSHAKING
    bytesConsumed = 15 bytesProduced = 44 sequenceNumber = 2
    18:23:24.019 [DefaultDispatcher-worker-3 @coroutine#9] TRACE async-tls/1 - ssl state Status = OK HandshakeStatus = NOT_HANDSHAKING
    bytesConsumed = 13 bytesProduced = 42 sequenceNumber = 3
    18:23:24.030 [DefaultDispatcher-worker-1 @coroutine#11] TRACE async-tls/1 - ssl state Status = OK HandshakeStatus = NOT_HANDSHAKING
    bytesConsumed = 357 bytesProduced = 386 sequenceNumber = 4
    18:23:24.040 [DefaultDispatcher-worker-1 @coroutine#13] TRACE async-tls/1 - ssl state Status = OK HandshakeStatus = NOT_HANDSHAKING
    bytesConsumed = 9 bytesProduced = 38 sequenceNumber = 5
    18:23:24.539 [DefaultDispatcher-worker-1 @coroutine#3] ERROR Controller - error: HTTP 401 
    18:23:24.541 [DefaultDispatcher-worker-1 @coroutine#3] WARN Controller - request failed with Error(code=INVALID_AUTH, message=The authentication request failed, cause=null, field=null)
    18:23:24.543 [DefaultDispatcher-worker-1 @coroutine#3] ERROR ZitiContextImpl - failed to login, cannot continue
    18:23:24.544 [DefaultDispatcher-worker-2 @coroutine#2] DEBUG ZitiContextImpl - 3zIUuFGBC[null]@https://23.22.127.125:443 transitioned to NotAuthorized
    Exception in thread "DefaultDispatcher-worker-1 @coroutine#3" org.openziti.ZitiException: NotAuthorized: HTTP 401 
        at org.openziti.api.Controller.convertError(Controller.kt:255)
        at org.openziti.api.Controller.login$ziti(Controller.kt:157)
        at org.openziti.api.Controller$login$1.invokeSuspend(Controller.kt)
        at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
        at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:104)
        at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:571)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:678)
        at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:665)
    Caused by: retrofit2.HttpException: HTTP 401 
        at com.jakewharton.retrofit2.adapter.kotlin.coroutines.CoroutineCallAdapterFactory$BodyCallAdapter$adapt$2.onResponse(CoroutineCallAdapterFactory.kt:104)
        at retrofit2.OkHttpCall$1.onResponse(OkHttpCall.java:161)
        at okhttp3.RealCall$AsyncCall.execute(RealCall.java:174)
        at okhttp3.internal.NamedRunnable.run(NamedRunnable.java:32)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at java.base/java.lang.Thread.run(Thread.java:834)
    18:23:28.018 [main] DEBUG ZitiContextImpl - stopping networking
    18:23:28.020 [main] DEBUG ZitiContextImpl - stopping controller
    18:23:28.021 [main] DEBUG ZitiContextImpl - shutting down
    18:23:28.029 [main] DEBUG ZitiContextImpl - ziti context is finished

Using the ZitiProtocolCustomizer to configure a spring boot application to listen on a ziti service.

On application start, the application behaves as expected but if a Ziti service interruption occurs and the bind fails, the connection is never recovered and an application restart is required.

On failure the exception below is generated (expected, as the result of the service interruption)

Exception in thread "http-ziti-app-exec-3" java.nio.channels.ClosedChannelException
    at org.openziti.net.ZitiServerSocketChannel.accept(ZitiServerSocketChannel.kt:174)
    at org.openziti.springboot.ZitiEndpoint$ZitiAcceptor.run(ZitiEndpoint.kt:47)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.base/java.lang.Thread.run(Thread.java:1583)

The ZitiProtocolCustomizer should re-attempt the bind at some future time when the service is restored