| Summary: | Remote gadgets don't work under https mode | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [JBoss] JBoss Enterprise Portal Platform 5 | Reporter: | Michal Vanco <mvanco> | ||||||
| Component: | Portal | Assignee: | Thomas Heute <theute> | ||||||
| Status: | CLOSED NEXTRELEASE | QA Contact: | |||||||
| Severity: | high | Docs Contact: | |||||||
| Priority: | high | ||||||||
| Version: | 5.0.1.GA | CC: | epp-bugs, mvecera | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | 5.1.0.ER03 | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| URL: | http://jira.jboss.org/jira/browse/JBEPP-534 | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: |
EPP5.0.1 running under https mode
|
|||||||
| Last Closed: | 2010-10-22 09:07:47 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Attachments: |
|
||||||||
|
Description
Michal Vanco
2010-10-06 07:57:28 UTC
Attachment: Added: F_testSNF_PRL_13_AddRemoteAndCreateNewGadget-2.jpg.png Attachment: Added: F_testSNF_PRL_28_AddDragDropInDashboardInApplicationRegistry-3.jpg.png Link: Added: This issue is related to GTNPORTAL-1535 Comment: When adding a gadget on the dashboard it expects a valid certificate (signed by a CA) 18:06:20,125 ERROR [STDERR] javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139) 18:06:20,126 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) 18:06:20,126 ERROR [STDERR] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) 18:06:20,126 ERROR [STDERR] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) 18:06:20,126 ERROR [STDERR] at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:896) 18:06:20,126 ERROR [STDERR] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230) 18:06:20,127 ERROR [STDERR] at org.exoplatform.portal.webui.application.GadgetUtil.fetchGagdetMetadata(GadgetUtil.java:94) 18:06:20,127 ERROR [STDERR] at org.exoplatform.portal.webui.application.UIGadget.getMetadata(UIGadget.java:205) It works after you add the certificate to the JRE CA keytool -import -alias toto -keystore /home/theute/Tools/Java/jdk1.6.0_14/jre/lib/security/cacerts -file ~/mycertificate Where mycertificate is the one created for SSL. Would deserve some documentation... Thomas, is there a doc jira for it or should this be used? Nope there is no doc, should be part of install guide probably. I keep it open for that reason (In theory I should close it and open a doc task but I'm being lazy :) ) Link: Added: This issue related JBEPP-569 Created a Jira about documentation Release Notes Docs Status: Added: Documented as Resolved Issue Release Notes Text: Added: Users may have previously encountered errors when trying to add a remote gadget to a portal instance running on a HTTPS domain. The error stated that the URL was invalid even when correct. This was because the Application Registry was expecting a valid certificate signed by a CA to verify the URL. This error can be avoided by adding the certificate to the JRE CA with the command: keytool -import -alias toto -keystore /home/USER/Tools/Java/JDK_VERSION/jre/lib/security/cacerts -file ~/mycertificate (Where mycertificate is the certificate created for SSL) This information has also been added to the JBoss Enterprise Portal Platform User Guide. |