Menu
▾
▴
Re: [SignServer-develop] Authorization Type
|
From: Marcus L. <mar...@pr...> - 2013-07-31 11:57:39
|
ons 2013-07-31 klockan 12:36 +0200 skrev Valentin Peltier:
> Hi,
Hi Valentine!
>
> Detail of the request:
> bin/client.sh timestamp -instr mystring -outrep response.tsr -url
> http://localhost:8080/signserver/tsa?workerId=1
> -keystore /tmp/client.jks -keystorepwd "my_pass" -keyalias "my_alias"
>
You would need to use client-authenticated HTTPS for the request.
Something like:
-url https://localhost:8443/signserver/tsa?workerId=1 -keystore ...
Regards,
Marcus Lundblad
>
> Detail of the error message:
> Exception in thread "main"
> org.signserver.cli.spi.UnexpectedCommandFailureException:
> java.io.IOException: Server returned HTTP response code: 400 for URL:
> http://localhost:8080/signserver/tsa?workerId=1
> at
> org.signserver.client.cli.defaultimpl.TimeStampCommand.execute(TimeStampCommand.java:320)
> at
> org.signserver.cli.CommandLineInterface.execute(CommandLineInterface.java:97)
> at org.signserver.client.cli.ClientCLI.main(ClientCLI.java:45)
> Caused by: java.io.IOException: Server returned HTTP response code:
> 400 for URL: http://localhost:8080/signserver/tsa?workerId=1
> at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1403)
> at
> org.signserver.client.cli.defaultimpl.TimeStampCommand.tsaRequest(TimeStampCommand.java:586)
> at
> org.signserver.client.cli.defaultimpl.TimeStampCommand.run(TimeStampCommand.java:334)
> at
> org.signserver.client.cli.defaultimpl.TimeStampCommand.execute(TimeStampCommand.java:312)
> ... 2 more
>
>
> Detail of the server.log:
> [#|2013-07-31T12:12:19.463+0200|INFO|sun-appserver2.1|
> javax.enterprise.system.stream.out|
> _ThreadID=16;_ThreadName=httpSSLWorkerThread-8080-0;|INFO
> [IWorkerLogger] AUDIT; DefaultTimeStampLogger; LOG_ID:
> db8d7ba8-f6f9-4f66-bf93-bea140d0f8d3; CLIENT_IP: 127.0.0.1;
> REQUEST_FULLURL: http://localhost:8080/signserver/tsa?workerId=1;
> RequestTime: 1375265539461; ResponseTime: 1; TimeStamp: ${TSA_TIME};
> PKIStatus: ${TSA_PKISTATUS}; PKIFailureInfo: ${TSA_PKIFAILUREINFO};
> SerialNumber: ${TSA_SERIALNUMBER}; TSA_POLICYID: ${TSA_POLICYID};
> SIGNER_CERT_SERIALNUMBER: ${SIGNER_CERT_SERIALNUMBER};
> SIGNER_CERT_ISSUERDN: ${SIGNER_CERT_ISSUERDN};
> TIMESTAMPREQUEST_ENCODED: ${TSA_TIMESTAMPREQUEST_ENCODED};
> TSA_TIMESTAMPRESPONSE_ENCODED: ${TSA_TIMESTAMPRESPONSE_ENCODED};
> ARCHIVE_IDS: ${ARCHIVE_IDS}; PURCHASED: ${PURCHASED}; TSA_EXCEPTION:
> ${TSA_EXCEPTION}; EXCEPTION: Error, client authentication is required.
>
>
>
> However when I configure the worker with AUTH = NOAUTH, the request is
> successful.
>
>
> Can somebody help me !?
>
>
>
> Regard,
>
>
> Valentin.
>
>
>
>
>
> --
> Valentin PELTIER
> Stagiaire
>
> val...@ar...
>
>
> AriadNEXT
>
> 80 av. des Buttes de Coësmes
>
> 35700 RENNES - FRANCE
>
>
>
>
>
> Ce message et toutes les pièces jointes sont confidentiels et établis
> à l'intention exclusive de son ou ses destinataires. Si vous avez reçu
> ce message par erreur, merci d'en avertir immédiatement l'émetteur et
> de détruire le message. Toute modification, édition, utilisation ou
> diffusion non autorisée est interdite. L'émetteur décline toute
> responsabilité au titre de ce message s'il a été modifié, déformé,
> falsifié, infecté par un virus ou encore édité ou diffusé sans
> autorisation.
>
> This message and any attachments are confidential and intended for the
> named addressee(s) only. If you have received this message in error,
> please notify immediately the sender, then delete the message. Any
> unauthorized modification, edition, use or dissemination is
> prohibited. The sender shall not be liable for this message if it has
> been modified, altered, falsified, infected by a virus or even edited
> or disseminated without authorization.
>
> ------------------------------------------------------------------------------
> Get your SQL database under version control now!
> Version control is standard for application code, but databases havent
> caught up. So what steps can you take to put your SQL databases under
> version control? Why should you start doing it? Read more to find out.
> http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
> _______________________________________________ SignServer-develop mailing list Sig...@li... https://lists.sourceforge.net/lists/listinfo/signserver-develop
|
