Menu
▾
▴
[ebxmlms-develop] RE: Hermes & SSL
|
From: Rao Y. <ra...@ya...> - 2004-04-07 04:35:03
|
Dunia you need to import each of the other certs into keystore as well in addition to cacerts. keytool -import .......... -Venkat --- ebx...@li... wrote: > Send ebxmlms-develop mailing list submissions to > ebx...@li... > > To subscribe or unsubscribe via the World Wide Web, > visit > > https://lists.sourceforge.net/lists/listinfo/ebxmlms-develop > or, via email, send a message with subject or body > 'help' to > ebx...@li... > > You can reach the person managing the list at > ebx...@li... > > When replying, please edit your Subject line so it > is more specific > than "Re: Contents of ebxmlms-develop digest..." > > > Today's Topics: > > 1. Hermes & SSL (Dunia Grandoni) > 2. RE: Hermes & SSL (Mayne, Peter) > > --__--__-- > > Message: 1 > To: ebx...@li... > From: Dunia Grandoni <DGr...@mi...> > Date: Tue, 6 Apr 2004 11:45:01 +0200 > Subject: [ebxmlms-develop] Hermes & SSL > Reply-To: ebx...@li... > > Questo un messaggio multiparte in formato MIME. > --=_alternative 003575EAC1256E6E_= > Content-Type: text/plain; charset="US-ASCII" > > Hi all, > I am new to Hermes MSH, so I apologise in advance > for the questions I'm > posting. > I cannot make my Hermes MSH application work with > https. > I read the previous post 'about Hermes & SSL' and I > tried to make the > changes mentioned > there, but I had no success. > Here's what I have to manage: > There's a Tomcat 4.1.27, SSL enabled, on a Windows > 2000 platform (A); an > application that uses > msh is running on it, it is used to send (and > receive) invoices to a twin > application that is running > on another server (Tomcat 4.1.27, SSL enabled, on a > Linux platform (B)). > What I did is creating (with java keytool) a > certificate for each server > and then I imported in <JRE>/lib/security/cacerts > of A the certificate of B and viceversa. > When trying to send an invoice from A to B I get an > exception: > hk.hku.cecid.phoenix.message.handler.RequestException: > > sun.security.validator.ValidatorException: No > trusted certificate found > and no message is sent. > Could someone help me configuring msh right? > Thank you so much > Dunia > > > --=_alternative 003575EAC1256E6E_= > Content-Type: text/html; charset="US-ASCII" > > > <br><font size=2 face="sans-serif">Hi all,</font> > <br><font size=2 face="sans-serif">I am new to > Hermes MSH, so I apologise > in advance for the questions I'm posting.</font> > <br><font size=2 face="sans-serif">I cannot make my > Hermes MSH application > work with https.</font> > <br><font size=2 face="sans-serif">I read the > previous post 'about Hermes > & SSL' and I tried to make the changes mentioned > </font> > <br><font size=2 face="sans-serif">there, but I had > no success.</font> > <br><font size=2 face="sans-serif">Here's what I > have to manage:</font> > <br><font size=2 face="sans-serif">There's a Tomcat > 4.1.27, SSL enabled, > on a Windows 2000 platform (A); an application that > uses</font> > <br><font size=2 face="sans-serif">msh is running on > it, it is used to > send (and receive) invoices to a twin application > that is running</font> > <br><font size=2 face="sans-serif">on another server > (Tomcat 4.1.27, SSL > enabled, on a Linux platform (B)).</font> > <br><font size=2 face="sans-serif">What I did is > creating (with java keytool) > a certificate for each server and then I imported in > <JRE>/lib/security/cacerts</font> > <br><font size=2 face="sans-serif">of A the > certificate of B and viceversa. > </font> > <br><font size=2 face="sans-serif">When trying to > send an invoice from > A to B I get an exception: > hk.hku.cecid.phoenix.message.handler.RequestException: > sun.security.validator.ValidatorException: No > trusted certificate found</font> > <br><font size=2 face="sans-serif">and no message is > sent.</font> > <br><font size=2 face="sans-serif">Could someone > help me configuring msh > right?</font> > <br><font size=2 face="sans-serif">Thank you so > much</font> > <br><font size=2 face="sans-serif">Dunia</font> > <br><font size=2 face="sans-serif"><br> > </font> > --=_alternative 003575EAC1256E6E_=-- > > > --__--__-- > > Message: 2 > From: "Mayne, Peter" <Pet...@ap...> > To: <ebx...@li...> > Subject: RE: [ebxmlms-develop] Hermes & SSL > Date: Wed, 7 Apr 2004 10:00:32 +1000 > Reply-To: ebx...@li... > > This is a multi-part message in MIME format. > > ------=_NextPart_000_159B1_01C41C87.4ED12AB0 > Content-Type: multipart/alternative; > boundary="----_=_NextPart_001_01C41C33.58A58990" > > > ------_=_NextPart_001_01C41C33.58A58990 > Content-Transfer-Encoding: quoted-printable > Content-Type: text/plain; > charset="iso-8859-1" > > (Disclaimer: I don't actually do this, because for > one reason or = > another, I > comment out most of the Http class used in Hermes, > including the = > keystore > stuff.) > =20 > I believe Hermes uses its own trust store. Look in > msh.properties.xml at > //Property/MSH/SSL and use your own keystore, rather > than modifying the = > one > in JAVA_HOME/lib/security. > =20 > PJDM > -- > Peter Mayne > Technology Consultant > Spherion Technology Solutions > Level 1, 243 Northbourne Avenue, Lyneham, ACT, 2602 > T: 61 2 62689727 F: 61 2 62689777=20 > > -----Original Message----- > From: Dunia Grandoni > [mailto:DGr...@mi...]=20 > Sent: Tuesday, 6 April 2004 7:45 PM > To: ebx...@li... > Subject: [ebxmlms-develop] Hermes & SSL > > > > Hi all,=20 > I am new to Hermes MSH, so I apologise in advance > for the questions I'm > posting.=20 > I cannot make my Hermes MSH application work with > https.=20 > I read the previous post 'about Hermes & SSL' and I > tried to make the > changes mentioned=20 > there, but I had no success.=20 > Here's what I have to manage:=20 > There's a Tomcat 4.1.27, SSL enabled, on a Windows > 2000 platform (A); an > application that uses=20 > msh is running on it, it is used to send (and > receive) invoices to a = > twin > application that is running=20 > on another server (Tomcat 4.1.27, SSL enabled, on a > Linux platform (B)). = > > What I did is creating (with java keytool) a > certificate for each server = > and > then I imported in <JRE>/lib/security/cacerts=20 > of A the certificate of B and viceversa.=20 > When trying to send an invoice from A to B I get an > exception: > hk.hku.cecid.phoenix.message.handler.RequestException: > sun.security.validator.ValidatorException: No > trusted certificate found=20 > and no message is sent.=20 > Could someone help me configuring msh right?=20 > Thank you so much=20 > Dunia=20 > > > > > > The information contained in this email and any > attachments to it: > > (a) may be confidential and if you are not the > intended recipient, any = > interference with,=20 > use, disclosure or copying of this material is > unauthorised and = > prohibited; and > > (b) may contain personal information of the > recipient and/or the sender = > as defined=20 > under the Privacy Act 1988 (Cth). Consent is hereby > given by the = > recipient(s) to=20 > collect, hold and use such information and any > personal information = > contained in a=20 > response to this email, for any reasonable purpose > in the ordinary = > course of=20 > Spherion's=20 > business, including forwarding this email internally > or disclosing it to = > a third party. All=20 > personal information collected by Spherion will be > handled in accordance = > with=20 > Spherion's Privacy Policy. If you have received this > email in error, = > please notify the=20 > sender and delete it. > > (c) you agree not to employ or arrange employment > for any candidate(s) = > supplied in=20 > this email and any attachments without first > entering into a contractual = > agreement with=20 > Spherion. You further agree not to divulge any > information contained in = > this document=20 > to any person(s) or entities without the express > permission of Spherion. > > > > ------_=_NextPart_001_01C41C33.58A58990 > Content-Transfer-Encoding: quoted-printable > Content-Type: text/html; > charset="iso-8859-1" > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 > Transitional//EN"> > <HTML><HEAD> > <META HTTP-EQUIV=3D"Content-Type" > CONTENT=3D"text/html; = > charset=3DUS-ASCII"> > <TITLE>Message</TITLE> > > <META content=3D"MSHTML 6.00.2800.1264" > name=3DGENERATOR></HEAD> > <BODY> > <DIV><SPAN class=3D448475623-06042004><FONT > face=3DArial = > size=3D2>(Disclaimer: I don't=20 > actually do this, because for one reason or another, > I comment out most = > of the=20 > Http class used in Hermes, including the keystore = > stuff.)</FONT></SPAN></DIV> > <DIV><SPAN class=3D448475623-06042004><FONT > face=3DArial=20 > size=3D2></FONT></SPAN> </DIV> > <DIV><SPAN class=3D448475623-06042004><FONT > face=3DArial size=3D2>I = > believe Hermes=20 > uses its own trust store. Look in msh.properties.xml > at = > //Property/MSH/SSL and=20 > use your own keystore, rather than modifying the one > in=20 > JAVA_HOME/lib/security.</FONT></SPAN></DIV> > <DIV><FONT face=3DArial size=3D2></FONT> </DIV> > <DIV><SPAN class=3D448475623-06042004><FONT > face=3DArial=20 > size=3D2>PJDM<BR></FONT></SPAN><FONT > size=3D2>--<BR>Peter = > Mayne<BR>Technology=20 > Consultant<BR>Spherion Technology Solutions<BR>Level > 1, 243 Northbourne = > Avenue,=20 > Lyneham, ACT, 2602<BR>T: 61 2 62689727 F: 61 2 > 62689777</FONT> = > </DIV> > <BLOCKQUOTE=20 > style=3D"PADDING-LEFT: 5px; MARGIN-LEFT: 5px; > BORDER-LEFT: #000000 2px = > solid; MARGIN-RIGHT: 0px"> > <DIV></DIV> > <DIV class=3DOutlookMessageHeader lang=3Den-us > dir=3Dltr = > align=3Dleft><FONT=20 > face=3DTahoma size=3D2>-----Original > Message-----<BR><B>From:</B> = > Dunia Grandoni=20 > [mailto:DGr...@mi...] <BR><B>Sent:</B> > Tuesday, 6 April 2004 = > 7:45=20 > PM<BR><B>To:</B> = > ebx...@li...<BR><B>Subject:</B>=20 > [ebxmlms-develop] Hermes & > SSL<BR><BR></FONT></DIV><BR><FONT=20 > face=3Dsans-serif size=3D2>Hi all,</FONT> > <BR><FONT face=3Dsans-serif = > size=3D2>I am=20 > new to Hermes MSH, so I apologise in advance for > the questions I'm=20 > posting.</FONT> <BR><FONT face=3Dsans-serif > size=3D2>I cannot make my = > Hermes MSH=20 > application work with https.</FONT> <BR><FONT > face=3Dsans-serif = > size=3D2>I read=20 > the previous post 'about Hermes & SSL' and I > tried to make the = > changes=20 > mentioned </FONT><BR><FONT face=3Dsans-serif > size=3D2>there, but I had = > no=20 > success.</FONT> <BR><FONT face=3Dsans-serif > size=3D2>Here's what I = > have to=20 > manage:</FONT> <BR><FONT face=3Dsans-serif > size=3D2>There's a Tomcat = > 4.1.27, SSL=20 > enabled, on a Windows 2000 platform (A); an > application that = > uses</FONT>=20 > <BR><FONT face=3Dsans-serif size=3D2>msh is > running on it, it is used = > to send (and=20 > receive) invoices to a twin application that is > running</FONT> = > <BR><FONT=20 > face=3Dsans-serif size=3D2>on another server > (Tomcat 4.1.27, SSL = > enabled, on a=20 > Linux platform (B)).</FONT> <BR><FONT > face=3Dsans-serif size=3D2>What = > I did is=20 > creating (with java keytool) a certificate for > each server and then I = > imported=20 > in <JRE>/lib/security/cacerts</FONT> > <BR><FONT face=3Dsans-serif = > size=3D2>of=20 > A the certificate of B and viceversa. > </FONT><BR><FONT = > face=3Dsans-serif=20 > size=3D2>When trying to send an invoice from A to > B I get an = > exception:=20 > > hk.hku.cecid.phoenix.message.handler.RequestException:=20 > sun.security.validator.ValidatorException: No > trusted certificate = > found</FONT>=20 > <BR><FONT face=3Dsans-serif size=3D2>and no > message is sent.</FONT> = > <BR><FONT=20 > face=3Dsans-serif size=3D2>Could someone help me > configuring msh = > right?</FONT>=20 > <BR><FONT face=3Dsans-serif size=3D2>Thank you so > much</FONT> = > <BR><FONT=20 > face=3Dsans-serif size=3D2>Dunia</FONT> <BR><FONT > face=3Dsans-serif=20 > size=3D2><BR></BLOCKQUOTE></FONT></BODY><!--[object_id=3D#ap.spherion.com= > #]--><P align=3Dleft><FONT face=3DTahoma > size=3D2></FONT> <FONT = > size=3D1>The information contained in this email and > any attachments to = > it:</FONT></P> > <P align=3Dleft><FONT size=3D1>(a) may be > confidential and if you are = > not the intended recipient, any interference with, > <BR>use, disclosure = > or copying of this material is unauthorised and > prohibited; = > and</FONT></P> > <P align=3Dleft><FONT size=3D1>(b) may contain > personal information of = > the recipient and/or the sender as defined <BR>under > the Privacy Act = > 1988 (Cth). Consent is hereby given by the > recipient(s) to <BR>collect, = > hold and use such information and any personal > information contained in = > a <BR>response to this email, for any reasonable > purpose in the ordinary = > course of <BR>Spherion's <BR>business, including > forwarding this email = > internally or disclosing it to a third party. All > <BR>personal = > information collected by Spherion will be handled in > accordance with = > <BR>Spherion's Privacy Policy. If you have received > this email in error, = > please notify the <BR>sender and delete > it.</FONT></P> > <P align=3Dleft><FONT size=3D1>(c) you agree not to > employ or arrange = > employment for any candidate(s) supplied in <BR>this > email and any = > attachments without first entering into a > contractual agreement with = > <BR>Spherion. You further agree not to divulge any > information contained = > in this document <BR>to any person(s) or entities > without the express = > permission of Spherion.<BR></FONT></P> > <P align=3Dleft><FONT face=3DTahoma size=3D2><FONT = > color=3D#0000ff><BR> </P></FONT></FONT></HTML> > > ------_=_NextPart_001_01C41C33.58A58990-- > > ------=_NextPart_000_159B1_01C41C87.4ED12AB0-- > > > > --__--__-- > > _______________________________________________ > ebxmlms-develop mailing list > ebx...@li... > https://lists.sourceforge.net/lists/listinfo/ebxmlms-develop > > > End of ebxmlms-develop Digest __________________________________ Do you Yahoo!? Yahoo! Small Business $15K Web Design Giveaway http://promotions.yahoo.com/design_giveaway/ |
