manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erlend Garåsen <e.f.gara...@usit.uio.no>
Subject Re: HTTPS for communication between MCF and Solr
Date Mon, 07 Mar 2011 13:09:48 GMT

Thanks for the reply. I found it ("SSL trust certificate list: ...").

Erlend

On 07.03.11 14.03, Karl Wright wrote:
> The certificate gets uploaded on the Server tab.  If you don't see an
> upload box on that tab, you probably have an older version of the Solr
> connector.
>
> Thanks,
> Karl
>
> On Mon, Mar 7, 2011 at 7:36 AM, Erlend Garåsen<e.f.garasen@usit.uio.no>  wrote:
>>
>> I have read the Jira ticket with all the comments, but I'm not quite sure
>> how this new functionality works.
>>
>> Where is the certificate supposed to be added? For the web connector, it
>> seems to be possible to upload certificates within the application, But
>> where can I find the same function for the Solr connector?
>>
>> Or should I just add the certificate into my local truststore by using
>> keytool?
>>
>> Erlend
>>
>>
>> On 16.02.11 08.37, Karl Wright wrote:
>>>
>>> The Solr connector does not currently support https.  But adding this
>>> functionality is not very hard.  If this is functionality you are
>>> looking for, could you create a ticket in Jira?
>>> https://issues.apache.org
>>>
>>> ManifoldCF is unusual in that each connection that supports SSL has
>>> its own trust store.  There's support in the ManifoldCF core classes
>>> for such trust stores, which makes it pretty straightforward.  The
>>> trickiest part of the whole thing is adding support for your trust
>>> certs to the connector's UI, and for that there are lots of examples
>>> to work with.  I'd especially look at the Web Connector, which has a
>>> "trust everything" checkbox you can check, as well as trusting
>>> whatever certs you drop into each connection's trust store.
>>>
>>> When you've decided exactly what it is you need, enter that in the
>>> ticket as well.  I don't know if you are in a position to contribute
>>> any work towards ManifoldCF, but if you are, I can help you develop a
>>> patch that I'd be happy to commit.  Otherwise, I cannot guarantee
>>> precisely when I'd get to it.
>>>
>>> Thanks,
>>> Karl
>>>
>>> On Wed, Feb 16, 2011 at 2:08 AM,<c.a.r.e@gmx.de>    wrote:
>>>>
>>>> I'm running MCF (version release 0.1) and Solr on a Tomcat server with
>>>> HTTPS configured (and a self-signed certificate generated by Java keytool).
>>>>
>>>> When trying to crawl data I always get:
>>>> ---------------------
>>>> WARN  Error communicating with update request handler:
>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>>> valid certification path to requested target
>>>> javax.net.ssl.SSLHandshakeException:
>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>>> valid certification path to requested target
>>>> ---------------------
>>>>
>>>> Is there a way to configure MCF to use a truststore to accept the
>>>> "insecure" certificate when sending documents to Solr? I've configured a
>>>> truststore for the server itself but MCF does not seem to use it.
>>>> Or are there other possibilities?
>>>>
>>>> thanks in advance
>>>> Carina
>>>> --
>>>> NEU: FreePhone - kostenlos mobil telefonieren und surfen!
>>>> Jetzt informieren: http://www.gmx.net/de/go/freephone
>>>>
>>
>>
>> --
>> Erlend Garåsen
>> Center for Information Technology Services
>> University of Oslo
>> P.O. Box 1086 Blindern, N-0317 OSLO, Norway
>> Ph: (+47) 22840193, Fax: (+47) 22852970, Mobile: (+47) 91380968, VIP: 31050
>>


-- 
Erlend Garåsen
Center for Information Technology Services
University of Oslo
P.O. Box 1086 Blindern, N-0317 OSLO, Norway
Ph: (+47) 22840193, Fax: (+47) 22852970, Mobile: (+47) 91380968, VIP: 31050

Mime
View raw message