chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Naresh Bhatia <bhat...@comcast.net>
Subject Re: Connecting to CMIS repository via https
Date Sat, 30 Jul 2011 13:20:43 GMT
Thanks Florian. Importing the server certificate into the Java truststore
fixed the problem.

Naresh



On Thu, Jul 28, 2011 at 6:07 PM, Florian Müller <
florian.mueller@alfresco.com> wrote:

> Hi Naresh,
>
> You can (and should) import the server certificate into the Java truststore
> [1] and this exception should go away.
>
> The brute force alternative is to call the following piece of code before
> you connect and unknown certificates will be ignored.
> Make sure you remove this code before you use your application in
> production!
>
>
> Florian
>
>
> [1]
> http://download.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html
>
>
>
> <code>
>    private void acceptSelfSignedCertificates() {
>        TrustManager[] trustAllCerts = new TrustManager[] { new
> X509TrustManager() {
>            public X509Certificate[] getAcceptedIssuers() {
>                return null;
>            }
>
>            public void checkClientTrusted(X509Certificate[] certs, String
> authType) { }
>
>            public void checkServerTrusted(X509Certificate[] certs, String
> authType) { }
>        } };
>
>        try {
>            SSLContext sc = SSLContext.getInstance("SSL");
>            sc.init(null, trustAllCerts, new java.security.SecureRandom());
>
>  HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
>        } catch (Exception e) {
>        }
>    }
> </code>
>
>
> On 28/07/2011 22:31, Naresh Bhatia wrote:
> > I am trying to connect to a CMIS repository via https. The server uses a
> > test certificate. When I connect via the browser, it warns that "The
> site's
> > security certificate is not trusted!". However I can ignore the warning
> and
> > proceed anyway. Is it possible to do something similar with OpenCMIS?
> > Currently it is giving me the following exception:
> >
> > org.apache.chemistry.opencmis.commons.exceptions.CmisConnectionException:
> > Cannot access
> >
> https://localhost:8443/alfresco/service/cmis?repositoryId=df9d48f6-a276-4e5b-8168-1175a672a9fc
> :
> > sun.security.validator.ValidatorException: PKIX path building failed:
> > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find
> > valid certification path to requested target
> >
> org.apache.chemistry.opencmis.client.bindings.spi.atompub.HttpUtils.invoke(HttpUtils.java:184)
> >
> org.apache.chemistry.opencmis.client.bindings.spi.atompub.HttpUtils.invokeGET(HttpUtils.java:60)
> >
> org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.read(AbstractAtomPubService.java:484)
> >
> org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.getRepositoriesInternal(AbstractAtomPubService.java:652)
> >
> org.apache.chemistry.opencmis.client.bindings.spi.atompub.RepositoryServiceImpl.getRepositoryInfo(RepositoryServiceImpl.java:62)
> >
> org.apache.chemistry.opencmis.client.bindings.impl.RepositoryServiceImpl.getRepositoryInfo(RepositoryServiceImpl.java:69)
> >
> org.apache.chemistry.opencmis.client.runtime.SessionImpl.connect(SessionImpl.java:581)
> >
> org.apache.chemistry.opencmis.client.runtime.SessionFactoryImpl.createSession(SessionFactoryImpl.java:61)
> >
> > Thanks.
> > Naresh
> >
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message