Orbeon Forms community mailing list
Login  Register

Re: RE: Re: upload doesn't good work with https

Posted by Erik Bruchez on Dec 22, 2010; 1:39am
URL: https://discuss.orbeon.com/upload-doesn-t-good-work-with-https-tp3095800p3159992.html

Julien,

Not sure why this used to work for you. Maybe because we use a new
version of the HTTP client?

Could it be a new version of the JDK as well?

Handling of certificates in the JDK is definitely painful.

-Erik

On Tue, Dec 21, 2010 at 1:33 AM, Bittard, Julien
<[hidden email]> wrote:

> Thank you for your response.
>
>
>
> There is a cert file in the apache conf, but when i try the « keytool … »
> command  with this file, it doesn’t work :
>
> « keytool error: gnu.javax.crypto.keyring.MalformedKeyringException:
> incorrect magic »
>
>
>
> I think I need to convert this certificat (open ssl) to use it with java. (I
> do not know anything in the certificate)
>
>
>
> But I don’t understand why only the upload needs this certificate. All
> others actions of my form work well. And with the older version of orbeon,
> the upload worked well too.
>
>
>
> Julien.
>
>
>
>
>
> De : Tambet Matiisen [mailto:[hidden email]]
> Envoyé : lundi 20 décembre 2010 21:44
> À : [hidden email]
> Objet : [ops-users] Re: upload doesn't good work with https
>
>
>
> Probably you are using certificate in Apache that is not signed by one of
> the JDK default CA-s. You need to add certificate of your CA to cacerts
> file. Follow steps here:
> http://www.devdaily.com/blog/post/java/keytool-cacerts-java-ssl
>
>   Tambet
>
> On 20.12.2010 18:19, Bittard, Julien wrote:
>
> Hello
>
>
>
> In our forms, the user can upload a file. So we have an xpl file which copy
> the file in the good directories.
>
> We have a client which use this form in an environnement https. All works
> good, except the file upload : the file is uploaded in the temp directories,
> but our xpl file doesn’t execute. There is an error on the orbeon log :
>
>
>
> 2010-12-20 16:42:51,000 ERROR XFormsServer  - xforms-submit-error - setting
> throwable {throwable:
> "sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
>
>                 at
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
>
>                 at
> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
>
>                 at
> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
>
>                 at
> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
>
>                 at
> sun.security.validator.Validator.validate(Validator.java:218)
>
>                 at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
>
>                 at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
>
>                 at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
>
>                 at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
>
>                 at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
>
>                 at
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
>
>                 at
> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
>
>                 at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
>
>                 at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
>
>                 at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
>
>                 at
> com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
>
>                 at
> java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
>
>                 at
> java.io.BufferedOutputStream.write(BufferedOutputStream.java:104)
>
>                 at
> java.io.FilterOutputStream.write(FilterOutputStream.java:80)
>
> ….
>
> Orbeon 3 .8 is installed on tomcat, and there is an apache server on front
> that contains the certificat.
>
>
>
> Before, we used orbeon 3.5.1 on the same architecture and there was no
> problem.
>
>
>
> Have you an idea ?
>
>
>
> Thank You.
>
>
>
> Julien .
>
>
>
> Think green - keep it on the screen. This e-mail and any attachment is for
> authorised use by the intended recipient(s) only. It may contain proprietary
> material, confidential information and/or be subject to legal privilege. It
> should not be copied, disclosed to, retained or used by, any other party. If
> you are not an intended recipient then please promptly delete this e-mail
> and any attachment and all copies and inform the sender. Thank you.
>
>
>
> Think green - keep it on the screen. This e-mail and any attachment is for
> authorised use by the intended recipient(s) only. It may contain proprietary
> material, confidential information and/or be subject to legal privilege. It
> should not be copied, disclosed to, retained or used by, any other party. If
> you are not an intended recipient then please promptly delete this e-mail
> and any attachment and all copies and inform the sender. Thank you.
>
> --
> You receive this message as a subscriber of the [hidden email] mailing
> list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> OW2 mailing lists service home page: http://www.ow2.org/wws
>
>


--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
OW2 mailing lists service home page: http://www.ow2.org/wws
Free forum by Nabble Edit this page