manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erlend GarĂ¥sen <e.f.gara...@usit.uio.no>
Subject Re: HTTPS for communication between MCF and Solr
Date Mon, 07 Mar 2011 12:36:57 GMT

I have read the Jira ticket with all the comments, but I'm not quite 
sure how this new functionality works.

Where is the certificate supposed to be added? For the web connector, it 
seems to be possible to upload certificates within the application, But 
where can I find the same function for the Solr connector?

Or should I just add the certificate into my local truststore by using 
keytool?

Erlend


On 16.02.11 08.37, Karl Wright wrote:
> The Solr connector does not currently support https.  But adding this
> functionality is not very hard.  If this is functionality you are
> looking for, could you create a ticket in Jira?
> https://issues.apache.org
>
> ManifoldCF is unusual in that each connection that supports SSL has
> its own trust store.  There's support in the ManifoldCF core classes
> for such trust stores, which makes it pretty straightforward.  The
> trickiest part of the whole thing is adding support for your trust
> certs to the connector's UI, and for that there are lots of examples
> to work with.  I'd especially look at the Web Connector, which has a
> "trust everything" checkbox you can check, as well as trusting
> whatever certs you drop into each connection's trust store.
>
> When you've decided exactly what it is you need, enter that in the
> ticket as well.  I don't know if you are in a position to contribute
> any work towards ManifoldCF, but if you are, I can help you develop a
> patch that I'd be happy to commit.  Otherwise, I cannot guarantee
> precisely when I'd get to it.
>
> Thanks,
> Karl
>
> On Wed, Feb 16, 2011 at 2:08 AM,<c.a.r.e@gmx.de>  wrote:
>> I'm running MCF (version release 0.1) and Solr on a Tomcat server with HTTPS configured
(and a self-signed certificate generated by Java keytool).
>>
>> When trying to crawl data I always get:
>> ---------------------
>> WARN  Error communicating with update request handler: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
>> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX
path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
>> ---------------------
>>
>> Is there a way to configure MCF to use a truststore to accept the "insecure" certificate
when sending documents to Solr? I've configured a truststore for the server itself but MCF
does not seem to use it.
>> Or are there other possibilities?
>>
>> thanks in advance
>> Carina
>> --
>> NEU: FreePhone - kostenlos mobil telefonieren und surfen!
>> Jetzt informieren: http://www.gmx.net/de/go/freephone
>>


-- 
Erlend GarĂ¥sen
Center for Information Technology Services
University of Oslo
P.O. Box 1086 Blindern, N-0317 OSLO, Norway
Ph: (+47) 22840193, Fax: (+47) 22852970, Mobile: (+47) 91380968, VIP: 31050

Mime
View raw message