Opencti API is not reachable Waiting for OpenCTI API to start or check your configuration...

[staphysec]

Hello,
i get this error with the default connectors for example : import-document
The platform is accessible and working fine

Thanks!

Docker import-document Logs Error

ValueError: OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration...
Terminated
{"timestamp": "2023-07-27T16:07:04.551987Z", "level": "INFO", "name": "pycti.entities", "message": "Listing Threat-Actors with filters null."}
{"timestamp": "2023-07-27T16:07:04.560813Z", "level": "INFO", "name": "pycti.api", "message": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot POST /graphql</pre>\n</body>\n</html>\n"}
{"timestamp": "2023-07-27T16:07:04.561558Z", "level": "ERROR", "name": "pycti.api", "message": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot POST /graphql</pre>\n</body>\n</html>\n"}
Traceback (most recent call last):
  File "/opt/opencti-connector-import-document/main.py", line 7, in <module>
    connector = ReportImporter()
                ^^^^^^^^^^^^^^^^
  File "/opt/opencti-connector-import-document/reportimporter/core.py", line 39, in __init__
    self.helper = OpenCTIConnectorHelper(config)
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/connector/opencti_connector_helper.py", line 661, in __init__
    self.api = OpenCTIApiClient(
               ^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/api/opencti_api_client.py", line 217, in __init__
    raise ValueError(
ValueError: OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration...
Terminated
{"timestamp": "2023-07-27T16:08:02.998280Z", "level": "INFO", "name": "pycti.entities", "message": "Listing Threat-Actors with filters null."}
{"timestamp": "2023-07-27T16:08:03.024093Z", "level": "INFO", "name": "pycti.api", "message": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot POST /graphql</pre>\n</body>\n</html>\n"}
{"timestamp": "2023-07-27T16:08:03.025593Z", "level": "ERROR", "name": "pycti.api", "message": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot POST /graphql</pre>\n</body>\n</html>\n"}
Traceback (most recent call last):
  File "/opt/opencti-connector-import-document/main.py", line 7, in <module>
    connector = ReportImporter()
                ^^^^^^^^^^^^^^^^
  File "/opt/opencti-connector-import-document/reportimporter/core.py", line 39, in __init__
    self.helper = OpenCTIConnectorHelper(config)
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/connector/opencti_connector_helper.py", line 661, in __init__
    self.api = OpenCTIApiClient(
               ^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/api/opencti_api_client.py", line 217, in __init__
    raise ValueError(
ValueError: OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration...
Terminated
{"timestamp": "2023-07-27T16:08:55.679091Z", "level": "INFO", "name": "pycti.entities", "message": "Listing Threat-Actors with filters null."}
{"timestamp": "2023-07-27T16:08:55.689903Z", "level": "INFO", "name": "pycti.api", "message": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot POST /graphql</pre>\n</body>\n</html>\n"}
{"timestamp": "2023-07-27T16:08:55.690626Z", "level": "ERROR", "name": "pycti.api", "message": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot POST /graphql</pre>\n</body>\n</html>\n"}
Traceback (most recent call last):
  File "/opt/opencti-connector-import-document/main.py", line 7, in <module>
    connector = ReportImporter()
                ^^^^^^^^^^^^^^^^
  File "/opt/opencti-connector-import-document/reportimporter/core.py", line 39, in __init__
    self.helper = OpenCTIConnectorHelper(config)
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/connector/opencti_connector_helper.py", line 661, in __init__
    self.api = OpenCTIApiClient(
               ^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/api/opencti_api_client.py", line 217, in __init__
    raise ValueError(
ValueError: OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration...
Terminated

Docker Compose file

version: '3'
services:
  redis:
    image: redis:7.0.8
    restart: always
    volumes:
      - redisdata:/data
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1
    volumes:
      - esdata:/usr/share/elasticsearch/data
    environment:
      # Comment out the line below for single-node
      - discovery.type=single-node
      # Uncomment line below below for a cluster of multiple nodes
      # - cluster.name=docker-cluster
      - xpack.ml.enabled=false
      - xpack.security.enabled=false
      - "ES_JAVA_OPTS=-Xms${ELASTIC_MEMORY_SIZE} -Xmx${ELASTIC_MEMORY_SIZE}"
    restart: always
    ports:
      - "9201:9200"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
  minio:
    image: minio/minio:RELEASE.2023-01-31T02-24-19Z
    volumes:
      - s3data:/data
    ports:
      - "9000:9000"
    environment:
      MINIO_ROOT_USER: ${MINIO_ROOT_USER}
      MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
    command: server /data
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 30s
      timeout: 20s
      retries: 3
    restart: always
  rabbitmq:
    image: rabbitmq:3.11-management
    environment:
      - RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER}
      - RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS}
    volumes:
      - amqpdata:/var/lib/rabbitmq
    restart: always
  opencti:
    image: opencti/platform:5.9.6
    environment:
      - NODE_OPTIONS=--max-old-space-size=8096
      - APP__PORT=8080
      - APP__BASE_URL=${OPENCTI_BASE_URL}
      - APP__BASE_PATH=${OPENCTI_BASE_URL}
      - APP__ADMIN__EMAIL=${OPENCTI_ADMIN_EMAIL}
      - APP__ADMIN__PASSWORD=${OPENCTI_ADMIN_PASSWORD}
      - APP__ADMIN__TOKEN=${OPENCTI_ADMIN_TOKEN}
      - APP__APP_LOGS__LOGS_LEVEL=error
      - REDIS__HOSTNAME=redis
      - REDIS__PORT=6379
      - ELASTICSEARCH__URL=http://elasticsearch:9200
      - MINIO__ENDPOINT=minio
      - MINIO__PORT=9000
      - MINIO__USE_SSL=false
      - MINIO__ACCESS_KEY=${MINIO_ROOT_USER}
      - MINIO__SECRET_KEY=${MINIO_ROOT_PASSWORD}
      - RABBITMQ__HOSTNAME=rabbitmq
      - RABBITMQ__PORT=5672
      - RABBITMQ__PORT_MANAGEMENT=15672
      - RABBITMQ__MANAGEMENT_SSL=false
      - RABBITMQ__USERNAME=${RABBITMQ_DEFAULT_USER}
      - RABBITMQ__PASSWORD=${RABBITMQ_DEFAULT_PASS}
      - SMTP__HOSTNAME=${SMTP_HOSTNAME}
      - SMTP__PORT=25
      - PROVIDERS__LOCAL__STRATEGY=LocalStrategy
    ports:
      - "8080:8080"
    depends_on:
      - redis
      - elasticsearch
      - minio
      - rabbitmq
    restart: always
  worker:
    image: opencti/worker:5.9.6
    environment:
      - OPENCTI_URL=http://opencti:8080
      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
      - WORKER_LOG_LEVEL=info
    depends_on:
      - opencti
    deploy:
      mode: replicated
      replicas: 3
    restart: always
  connector-export-file-stix:
    image: opencti/connector-export-file-stix:5.9.6
    environment:
      - OPENCTI_URL=http://opencti:8080
      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
      - CONNECTOR_ID=${CONNECTOR_EXPORT_FILE_STIX_ID} # Valid UUIDv4
      - CONNECTOR_TYPE=INTERNAL_EXPORT_FILE
      - CONNECTOR_NAME=ExportFileStix2
      - CONNECTOR_SCOPE=application/json
      - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
      - CONNECTOR_LOG_LEVEL=info
    restart: always
    depends_on:
      - opencti
  connector-export-file-csv:
    image: opencti/connector-export-file-csv:5.9.6
    environment:
      - OPENCTI_URL=http://opencti:8080
      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
      - CONNECTOR_ID=${CONNECTOR_EXPORT_FILE_CSV_ID} # Valid UUIDv4
      - CONNECTOR_TYPE=INTERNAL_EXPORT_FILE
      - CONNECTOR_NAME=ExportFileCsv
      - CONNECTOR_SCOPE=text/csv
      - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
      - CONNECTOR_LOG_LEVEL=info
    restart: always
    depends_on:
      - opencti
  connector-export-file-txt:
    image: opencti/connector-export-file-txt:5.9.6
    environment:
      - OPENCTI_URL=http://opencti:8080
      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
      - CONNECTOR_ID=${CONNECTOR_EXPORT_FILE_TXT_ID} # Valid UUIDv4
      - CONNECTOR_TYPE=INTERNAL_EXPORT_FILE
      - CONNECTOR_NAME=ExportFileTxt
      - CONNECTOR_SCOPE=text/plain
      - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
      - CONNECTOR_LOG_LEVEL=info
    restart: always
    depends_on:
      - opencti
  connector-import-file-stix:
    image: opencti/connector-import-file-stix:5.9.6
    environment:
      - OPENCTI_URL=http://opencti:8080
      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
      - CONNECTOR_ID=${CONNECTOR_IMPORT_FILE_STIX_ID} # Valid UUIDv4
      - CONNECTOR_TYPE=INTERNAL_IMPORT_FILE
      - CONNECTOR_NAME=ImportFileStix
      - CONNECTOR_VALIDATE_BEFORE_IMPORT=true # Validate any bundle before import
      - CONNECTOR_SCOPE=application/json,text/xml
      - CONNECTOR_AUTO=true # Enable/disable auto-import of file
      - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
      - CONNECTOR_LOG_LEVEL=info
    restart: always
    depends_on:
      - opencti
  connector-import-document:
    image: opencti/connector-import-document:5.9.6
    environment:
      - OPENCTI_URL=http://opencti:8080
      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
      - CONNECTOR_ID=${CONNECTOR_IMPORT_DOCUMENT_ID} # Valid UUIDv4
      - CONNECTOR_TYPE=INTERNAL_IMPORT_FILE
      - CONNECTOR_NAME=ImportDocument
      - CONNECTOR_VALIDATE_BEFORE_IMPORT=true # Validate any bundle before import
      - CONNECTOR_SCOPE=application/pdf,text/plain,text/html
      - CONNECTOR_AUTO=true # Enable/disable auto-import of file
      - CONNECTOR_ONLY_CONTEXTUAL=false # Only extract data related to an entity (a report, a threat actor, etc.)
      - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
      - CONNECTOR_LOG_LEVEL=info
      - IMPORT_DOCUMENT_CREATE_INDICATOR=true
    restart: always
    depends_on:
      - opencti

  kibana:
    depends_on:
      - elasticsearch
    image: docker.elastic.co/kibana/kibana:8.6.1
    container_name: kibana
    volumes:
      - kibana-data:/usr/share/kibana/data
    ports:
     - 5601:5601
    restart: always
    environment:
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200

ENV File

OPENCTI_ADMIN_EMAIL=admin@opencti.io
OPENCTI_ADMIN_PASSWORD=PASSWORD
OPENCTI_ADMIN_TOKEN=UUID
OPENCTI_BASE_URL=http://<Internal-IP>:8080
MINIO_ROOT_USER=opencti
MINIO_ROOT_PASSWORD=PASWORD
RABBITMQ_DEFAULT_USER=guest
RABBITMQ_DEFAULT_PASS=guest
CONNECTOR_EXPORT_FILE_STIX_ID=UUID
CONNECTOR_EXPORT_FILE_CSV_ID=UUID
CONNECTOR_EXPORT_FILE_TXT_ID=UUID
CONNECTOR_IMPORT_FILE_STIX_ID=UUID
CONNECTOR_IMPORT_DOCUMENT_ID=UUID
SMTP_HOSTNAME=<IP>
ELASTIC_MEMORY_SIZE=4G