Thank you for your response.

There is a cert file in the apache conf, but when i try the « keytool … » command  with this file, it doesn’t work :

« keytool error: gnu.javax.crypto.keyring.MalformedKeyringException: incorrect magic »

I think I need to convert this certificat (open ssl) to use it with java. (I do not know anything in the certificate)

But I don’t understand why only the upload needs this certificate. All others actions of my form work well. And with the older version of orbeon, the upload worked well too.

Julien.

Probably you are using certificate in Apache that is not signed by one of the JDK default CA-s. You need to add certificate of your CA to cacerts file. Follow steps here:
http://www.devdaily.com/blog/post/java/keytool-cacerts-java-ssl

  Tambet

On 20.12.2010 18:19, Bittard, Julien wrote:

Hello

In our forms, the user can upload a file. So we have an xpl file which copy the file in the good directories.

We have a client which use this form in an environnement https. All works good, except the file upload : the file is uploaded in the temp directories, but our xpl file doesn’t execute. There is an error on the orbeon log :

2010-12-20 16:42:51,000 ERROR XFormsServer  - xforms-submit-error - setting throwable {throwable: "sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

                at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)

                at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)

                at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)

                at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)

                at sun.security.validator.Validator.validate(Validator.java:218)

                at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)

                at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)

                at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)

                at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)

                at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)

                at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)

                at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)

                at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)

                at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)

                at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)

                at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)

                at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)

                at java.io.BufferedOutputStream.write(BufferedOutputStream.java:104)

                at java.io.FilterOutputStream.write(FilterOutputStream.java:80)

….

Orbeon 3 .8 is installed on tomcat, and there is an apache server on front that contains the certificat.

Before, we used orbeon 3.5.1 on the same architecture and there was no problem.

Have you an idea ?

Thank You.

Julien .

Think green - keep it on the screen. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.