Menu
▾
▴
Rif: [ebxmlms-develop] RE: Hermes & SSL
|
From: Dunia G. <DGr...@mi...> - 2004-04-14 09:24:27
|
Hi Venkat, I imported both server's certificates into the keystore, but I had no=20 luck!! I'm getting frustrated! Anyway I really appreciated your reply! Thank you, Dunia ebx...@li... scritti il 04/07/2004 06:34:56 = AM > Dunia > you need to import each of the other certs into > keystore as well in addition to cacerts. >=20 > keytool -import .......... >=20 >=20 >=20 > -Venkat >=20 >=20 > --- ebx...@li... > wrote: > > Send ebxmlms-develop mailing list submissions to > > ebx...@li... > >=20 > > To subscribe or unsubscribe via the World Wide Web, > > visit > >=20 > > > https://lists.sourceforge.net/lists/listinfo/ebxmlms-develop > > or, via email, send a message with subject or body > > 'help' to > > ebx...@li... > >=20 > > You can reach the person managing the list at > > ebx...@li... > >=20 > > When replying, please edit your Subject line so it > > is more specific > > than "Re: Contents of ebxmlms-develop digest..." > >=20 > >=20 > > Today's Topics: > >=20 > > 1. Hermes & SSL (Dunia Grandoni) > > 2. RE: Hermes & SSL (Mayne, Peter) > >=20 > > --=5F=5F--=5F=5F-- > >=20 > > Message: 1 > > To: ebx...@li... > > From: Dunia Grandoni <DGr...@mi...> > > Date: Tue, 6 Apr 2004 11:45:01 +0200 > > Subject: [ebxmlms-develop] Hermes & SSL > > Reply-To: ebx...@li... > >=20 > > Questo ? un messaggio multiparte in formato MIME. > > --=3D=5Falternative 003575EAC1256E6E=5F=3D > > Content-Type: text/plain; charset=3D"US-ASCII" > >=20 > > Hi all, > > I am new to Hermes MSH, so I apologise in advance > > for the questions I'm=20 > > posting. > > I cannot make my Hermes MSH application work with > > https. > > I read the previous post 'about Hermes & SSL' and I > > tried to make the=20 > > changes mentioned=20 > > there, but I had no success. > > Here's what I have to manage: > > There's a Tomcat 4.1.27, SSL enabled, on a Windows > > 2000 platform (A); an=20 > > application that uses > > msh is running on it, it is used to send (and > > receive) invoices to a twin=20 > > application that is running > > on another server (Tomcat 4.1.27, SSL enabled, on a > > Linux platform (B)). > > What I did is creating (with java keytool) a > > certificate for each server=20 > > and then I imported in <JRE>/lib/security/cacerts > > of A the certificate of B and viceversa.=20 > > When trying to send an invoice from A to B I get an > > exception:=20 > > > hk.hku.cecid.phoenix.message.handler.RequestException: > >=20 > > sun.security.validator.ValidatorException: No > > trusted certificate found > > and no message is sent. > > Could someone help me configuring msh right? > > Thank you so much > > Dunia > >=20 > >=20 > > --=3D=5Falternative 003575EAC1256E6E=5F=3D > > Content-Type: text/html; charset=3D"US-ASCII" > >=20 > >=20 > > <br><font size=3D2 face=3D"sans-serif">Hi all,</font> > > <br><font size=3D2 face=3D"sans-serif">I am new to > > Hermes MSH, so I apologise > > in advance for the questions I'm posting.</font> > > <br><font size=3D2 face=3D"sans-serif">I cannot make my > > Hermes MSH application > > work with https.</font> > > <br><font size=3D2 face=3D"sans-serif">I read the > > previous post 'about Hermes > > & SSL' and I tried to make the changes mentioned > > </font> > > <br><font size=3D2 face=3D"sans-serif">there, but I had > > no success.</font> > > <br><font size=3D2 face=3D"sans-serif">Here's what I > > have to manage:</font> > > <br><font size=3D2 face=3D"sans-serif">There's a Tomcat > > 4.1.27, SSL enabled, > > on a Windows 2000 platform (A); an application that > > uses</font> > > <br><font size=3D2 face=3D"sans-serif">msh is running on > > it, it is used to > > send (and receive) invoices to a twin application > > that is running</font> > > <br><font size=3D2 face=3D"sans-serif">on another server > > (Tomcat 4.1.27, SSL > > enabled, on a Linux platform (B)).</font> > > <br><font size=3D2 face=3D"sans-serif">What I did is > > creating (with java keytool) > > a certificate for each server and then I imported in > > <JRE>/lib/security/cacerts</font> > > <br><font size=3D2 face=3D"sans-serif">of A the > > certificate of B and viceversa. > > </font> > > <br><font size=3D2 face=3D"sans-serif">When trying to > > send an invoice from > > A to B I get an exception: > > > hk.hku.cecid.phoenix.message.handler.RequestException: > > sun.security.validator.ValidatorException: No > > trusted certificate found</font> > > <br><font size=3D2 face=3D"sans-serif">and no message is > > sent.</font> > > <br><font size=3D2 face=3D"sans-serif">Could someone > > help me configuring msh > > right?</font> > > <br><font size=3D2 face=3D"sans-serif">Thank you so > > much</font> > > <br><font size=3D2 face=3D"sans-serif">Dunia</font> > > <br><font size=3D2 face=3D"sans-serif"><br> > > </font> > > --=3D=5Falternative 003575EAC1256E6E=5F=3D-- > >=20 > >=20 > > --=5F=5F--=5F=5F-- > >=20 > > Message: 2 > > From: "Mayne, Peter" <Pet...@ap...> > > To: <ebx...@li...> > > Subject: RE: [ebxmlms-develop] Hermes & SSL > > Date: Wed, 7 Apr 2004 10:00:32 +1000=20 > > Reply-To: ebx...@li... > >=20 > > This is a multi-part message in MIME format. > >=20 > > ------=3D=5FNextPart=5F000=5F159B1=5F01C41C87.4ED12AB0 > > Content-Type: multipart/alternative; > > boundary=3D"----=5F=3D=5FNextPart=5F001=5F01C41C33.58A58990" > >=20 > >=20 > > ------=5F=3D=5FNextPart=5F001=5F01C41C33.58A58990 > > Content-Transfer-Encoding: quoted-printable > > Content-Type: text/plain; > > charset=3D"iso-8859-1" > >=20 > > (Disclaimer: I don't actually do this, because for > > one reason or =3D > > another, I > > comment out most of the Http class used in Hermes, > > including the =3D > > keystore > > stuff.) > > =3D20 > > I believe Hermes uses its own trust store. Look in > > msh.properties.xml at > > //Property/MSH/SSL and use your own keystore, rather > > than modifying the =3D > > one > > in JAVA=5FHOME/lib/security. > > =3D20 > > PJDM > > -- > > Peter Mayne > > Technology Consultant > > Spherion Technology Solutions > > Level 1, 243 Northbourne Avenue, Lyneham, ACT, 2602 > > T: 61 2 62689727 F: 61 2 62689777=3D20 > >=20 > > -----Original Message----- > > From: Dunia Grandoni > > [mailto:DGr...@mi...]=3D20 > > Sent: Tuesday, 6 April 2004 7:45 PM > > To: ebx...@li... > > Subject: [ebxmlms-develop] Hermes & SSL > >=20 > >=20 > >=20 > > Hi all,=3D20 > > I am new to Hermes MSH, so I apologise in advance > > for the questions I'm > > posting.=3D20 > > I cannot make my Hermes MSH application work with > > https.=3D20 > > I read the previous post 'about Hermes & SSL' and I > > tried to make the > > changes mentioned=3D20 > > there, but I had no success.=3D20 > > Here's what I have to manage:=3D20 > > There's a Tomcat 4.1.27, SSL enabled, on a Windows > > 2000 platform (A); an > > application that uses=3D20 > > msh is running on it, it is used to send (and > > receive) invoices to a =3D > > twin > > application that is running=3D20 > > on another server (Tomcat 4.1.27, SSL enabled, on a > > Linux platform (B)). =3D > >=20 > > What I did is creating (with java keytool) a > > certificate for each server =3D > > and > > then I imported in <JRE>/lib/security/cacerts=3D20 > > of A the certificate of B and viceversa.=3D20 > > When trying to send an invoice from A to B I get an > > exception: > > > hk.hku.cecid.phoenix.message.handler.RequestException: > > sun.security.validator.ValidatorException: No > > trusted certificate found=3D20 > > and no message is sent.=3D20 > > Could someone help me configuring msh right?=3D20 > > Thank you so much=3D20 > > Dunia=3D20 > >=20 > >=20 > >=20 > >=20 > >=20 > > The information contained in this email and any > > attachments to it: > >=20 > > (a) may be confidential and if you are not the > > intended recipient, any =3D > > interference with,=3D20 > > use, disclosure or copying of this material is > > unauthorised and =3D > > prohibited; and > >=20 > > (b) may contain personal information of the > > recipient and/or the sender =3D > > as defined=3D20 > > under the Privacy Act 1988 (Cth). Consent is hereby > > given by the =3D > > recipient(s) to=3D20 > > collect, hold and use such information and any > > personal information =3D > > contained in a=3D20 > > response to this email, for any reasonable purpose > > in the ordinary =3D > > course of=3D20 > > Spherion's=3D20 > > business, including forwarding this email internally > > or disclosing it to =3D > > a third party. All=3D20 > > personal information collected by Spherion will be > > handled in accordance =3D > > with=3D20 > > Spherion's Privacy Policy. If you have received this > > email in error, =3D > > please notify the=3D20 > > sender and delete it. > >=20 > > (c) you agree not to employ or arrange employment > > for any candidate(s) =3D > > supplied in=3D20 > > this email and any attachments without first > > entering into a contractual =3D > > agreement with=3D20 > > Spherion. You further agree not to divulge any > > information contained in =3D > > this document=3D20 > > to any person(s) or entities without the express > > permission of Spherion. > >=20 > >=20 > >=20 > > ------=5F=3D=5FNextPart=5F001=5F01C41C33.58A58990 > > Content-Transfer-Encoding: quoted-printable > > Content-Type: text/html; > > charset=3D"iso-8859-1" > >=20 > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 > > Transitional//EN"> > > <HTML><HEAD> > > <META HTTP-EQUIV=3D3D"Content-Type" > > CONTENT=3D3D"text/html; =3D > > charset=3D3DUS-ASCII"> > > <TITLE>Message</TITLE> > >=20 > > <META content=3D3D"MSHTML 6.00.2800.1264" > > name=3D3DGENERATOR></HEAD> > > <BODY> > > <DIV><SPAN class=3D3D448475623-06042004><FONT > > face=3D3DArial =3D > > size=3D3D2>(Disclaimer: I don't=3D20 > > actually do this, because for one reason or another, > > I comment out most =3D > > of the=3D20 > > Http class used in Hermes, including the keystore =3D > > stuff.)</FONT></SPAN></DIV> > > <DIV><SPAN class=3D3D448475623-06042004><FONT > > face=3D3DArial=3D20 > > size=3D3D2></FONT></SPAN> </DIV> > > <DIV><SPAN class=3D3D448475623-06042004><FONT > > face=3D3DArial size=3D3D2>I =3D > > believe Hermes=3D20 > > uses its own trust store. Look in msh.properties.xml > > at =3D > > //Property/MSH/SSL and=3D20 > > use your own keystore, rather than modifying the one > > in=3D20 > > JAVA=5FHOME/lib/security.</FONT></SPAN></DIV> > > <DIV><FONT face=3D3DArial size=3D3D2></FONT> </DIV> > > <DIV><SPAN class=3D3D448475623-06042004><FONT > > face=3D3DArial=3D20 > > size=3D3D2>PJDM<BR></FONT></SPAN><FONT > > size=3D3D2>--<BR>Peter =3D > > Mayne<BR>Technology=3D20 > > Consultant<BR>Spherion Technology Solutions<BR>Level > > 1, 243 Northbourne =3D > > Avenue,=3D20 > > Lyneham, ACT, 2602<BR>T: 61 2 62689727 F: 61 2 > > 62689777</FONT> =3D > > </DIV> > > <BLOCKQUOTE=3D20 > > style=3D3D"PADDING-LEFT: 5px; MARGIN-LEFT: 5px; > > BORDER-LEFT: #000000 2px =3D > > solid; MARGIN-RIGHT: 0px"> > > <DIV></DIV> > > <DIV class=3D3DOutlookMessageHeader lang=3D3Den-us > > dir=3D3Dltr =3D > > align=3D3Dleft><FONT=3D20 > > face=3D3DTahoma size=3D3D2>-----Original > > Message-----<BR><B>From:</B> =3D > > Dunia Grandoni=3D20 > > [mailto:DGr...@mi...] <BR><B>Sent:</B> > > Tuesday, 6 April 2004 =3D > > 7:45=3D20 > > PM<BR><B>To:</B> =3D > > > ebx...@li...<BR><B>Subject:</B>=3D20 > > [ebxmlms-develop] Hermes & > > SSL<BR><BR></FONT></DIV><BR><FONT=3D20 > > face=3D3Dsans-serif size=3D3D2>Hi all,</FONT> > > <BR><FONT face=3D3Dsans-serif =3D > > size=3D3D2>I am=3D20 > > new to Hermes MSH, so I apologise in advance for > > the questions I'm=3D20 > > posting.</FONT> <BR><FONT face=3D3Dsans-serif > > size=3D3D2>I cannot make my =3D > > Hermes MSH=3D20 > > application work with https.</FONT> <BR><FONT > > face=3D3Dsans-serif =3D > > size=3D3D2>I read=3D20 > > the previous post 'about Hermes & SSL' and I > > tried to make the =3D > > changes=3D20 > > mentioned </FONT><BR><FONT face=3D3Dsans-serif > > size=3D3D2>there, but I had =3D > > no=3D20 > > success.</FONT> <BR><FONT face=3D3Dsans-serif > > size=3D3D2>Here's what I =3D > > have to=3D20 > > manage:</FONT> <BR><FONT face=3D3Dsans-serif > > size=3D3D2>There's a Tomcat =3D > > 4.1.27, SSL=3D20 > > enabled, on a Windows 2000 platform (A); an > > application that =3D > > uses</FONT>=3D20 > > <BR><FONT face=3D3Dsans-serif size=3D3D2>msh is > > running on it, it is used =3D > > to send (and=3D20 > > receive) invoices to a twin application that is > > running</FONT> =3D > > <BR><FONT=3D20 > > face=3D3Dsans-serif size=3D3D2>on another server > > (Tomcat 4.1.27, SSL =3D > > enabled, on a=3D20 > > Linux platform (B)).</FONT> <BR><FONT > > face=3D3Dsans-serif size=3D3D2>What =3D > > I did is=3D20 > > creating (with java keytool) a certificate for > > each server and then I =3D > > imported=3D20 > > in <JRE>/lib/security/cacerts</FONT> > > <BR><FONT face=3D3Dsans-serif =3D > > size=3D3D2>of=3D20 > > A the certificate of B and viceversa. > > </FONT><BR><FONT =3D > > face=3D3Dsans-serif=3D20 > > size=3D3D2>When trying to send an invoice from A to > > B I get an =3D > > exception:=3D20 > >=20 > > > hk.hku.cecid.phoenix.message.handler.RequestException:=3D20 > > sun.security.validator.ValidatorException: No > > trusted certificate =3D > > found</FONT>=3D20 > > <BR><FONT face=3D3Dsans-serif size=3D3D2>and no > > message is sent.</FONT> =3D > > <BR><FONT=3D20 > > face=3D3Dsans-serif size=3D3D2>Could someone help me > > configuring msh =3D > > right?</FONT>=3D20 > > <BR><FONT face=3D3Dsans-serif size=3D3D2>Thank you so > > much</FONT> =3D > > <BR><FONT=3D20 > > face=3D3Dsans-serif size=3D3D2>Dunia</FONT> <BR><FONT > > face=3D3Dsans-serif=3D20 > > > size=3D3D2><BR></BLOCKQUOTE></FONT></BODY><!--[object=5Fid=3D3D#ap. > spherion.com=3D > #]--><P align=3D3Dleft><FONT face=3D3DTahoma > > size=3D3D2></FONT> <FONT =3D > > size=3D3D1>The information contained in this email and > > any attachments to =3D > > it:</FONT></P> > > <P align=3D3Dleft><FONT size=3D3D1>(a) may be > > confidential and if you are =3D > > not the intended recipient, any interference with, > > <BR>use, disclosure =3D > > or copying of this material is unauthorised and > > prohibited; =3D > > and</FONT></P> > > <P align=3D3Dleft><FONT size=3D3D1>(b) may contain > > personal information of =3D > > the recipient and/or the sender as defined <BR>under > > the Privacy Act =3D > > 1988 (Cth). Consent is hereby given by the > > recipient(s) to <BR>collect, =3D > > hold and use such information and any personal > > information contained in =3D > > a <BR>response to this email, for any reasonable > > purpose in the ordinary =3D > > course of <BR>Spherion's <BR>business, including > > forwarding this email =3D > > internally or disclosing it to a third party. All > > <BR>personal =3D > > information collected by Spherion will be handled in > > accordance with =3D > > <BR>Spherion's Privacy Policy. If you have received > > this email in error, =3D > > please notify the <BR>sender and delete > > it.</FONT></P> > > <P align=3D3Dleft><FONT size=3D3D1>(c) you agree not to > > employ or arrange =3D > > employment for any candidate(s) supplied in <BR>this > > email and any =3D > > attachments without first entering into a > > contractual agreement with =3D > > <BR>Spherion. You further agree not to divulge any > > information contained =3D > > in this document <BR>to any person(s) or entities > > without the express =3D > > permission of Spherion.<BR></FONT></P> > > <P align=3D3Dleft><FONT face=3D3DTahoma size=3D3D2><FONT =3D > > color=3D3D#0000ff><BR> </P></FONT></FONT></HTML> > >=20 > > ------=5F=3D=5FNextPart=5F001=5F01C41C33.58A58990-- > >=20 > > ------=3D=5FNextPart=5F000=5F159B1=5F01C41C87.4ED12AB0-- > >=20 > >=20 > >=20 > > --=5F=5F--=5F=5F-- > >=20 > > =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F > > ebxmlms-develop mailing list > > ebx...@li... > > > https://lists.sourceforge.net/lists/listinfo/ebxmlms-develop > >=20 > >=20 > > End of ebxmlms-develop Digest >=20 >=20 > =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F > Do you Yahoo!? > Yahoo! Small Business $15K Web Design Giveaway=20 > http://promotions.yahoo.com/design=5Fgiveaway/ >=20 >=20 > ------------------------------------------------------- > This SF.Net email is sponsored by: IBM Linux Tutorials > Free Linux tutorial presented by Daniel Robbins, President and CEO of > GenToo technologies. Learn everything from fundamentals to system > administration.http://ads.osdn.com/?ad=5Fid=3D1470&alloc=5Fid=3D3638&op= =3Dclick > =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F > ebxmlms-develop mailing list > ebx...@li... > https://lists.sourceforge.net/lists/listinfo/ebxmlms-develop |
