SSL_ERROR_SSL when attempting HTTPS connection with 1.0.0.2/1.0.0.5
ODBO provider for connections to XMLA data sources
Status: Beta
Brought to you by:
alexa77
Menu
▾
▴
#10 SSL_ERROR_SSL when attempting HTTPS connection with 1.0.0.2/1.0.0.5
Per ticket #8, 1.0.0.2 introduced SSL support.
When I attempt to access any SSL-enabled Mondrian XMLA service I get this error:
SSL_ERROR_SSL
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
When I access the same URL via Internet Explorer it works fine (showing a valid certificate). Note this is not a self-signed certificate. It's a fully valid properly issued one.
To recreate...
Win 7, Excel 2010, Pentaho 5.1. Data Connection Wizard... Other/Advanced... XMLA Data Source... Next... Location=https://myserver/pentaho/Xmla ... User Name=user ... Password=password... click drop down next to Catalog. Error occurs.
I also tested with https://www.google.com (expecting to get past the SSL handshake and see a different error) but got the same error.
Can recreate with 1.0.0.2 and 1.0.0.5. Rebooted and reinstalled, and have also checked within Excel that it is indeed using 1.0.0.2 or 1.0.0.5.
Can this be due to your Fiddler configuration?
We are able to reproduce this error when we use the "Decrypt HTTPS traffic" of the tool. This relies on a self-signed certificate for decryption. Check the attached image
Hi Alexandra. I get this error with and without Fiddler.
Also, I've imported and trusted the self-signed Fiddler certificate so Internet Explorer and Windows fully trusts it.
[cid:image001.jpg@01CFD103.451BCA70]
Regards,
Richard
From: Alexandra Iancu [mailto:alexa77@users.sf.net]
Sent: 15 September 2014 16:33
To: [xmlaconnect:tickets]
Subject: [xmlaconnect:tickets] #10 SSL_ERROR_SSL when attempting HTTPS connection with 1.0.0.2/1.0.0.5
Can this be due to your Fiddler configuration?
We are able to reproduce this error when we use the "Decrypt HTTPS traffic" of the tool. This relies on a self-signed certificate for decryption. Check the attached image
Attachment: Fiddler.png (71.6 kB; image/png)
[tickets:#10]http://sourceforge.net/p/xmlaconnect/tickets/10 SSL_ERROR_SSL when attempting HTTPS connection with 1.0.0.2/1.0.0.5
Status: open
Milestone: 1.0
Created: Mon Sep 15, 2014 11:31 AM UTC by Richard Mundell
Last Updated: Mon Sep 15, 2014 11:31 AM UTC
Owner: nobody
Per ticket #8, 1.0.0.2 introduced SSL support.
When I attempt to access any SSL-enabled Mondrian XMLA service I get this error:
SSL_ERROR_SSL
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
When I access the same URL via Internet Explorer it works fine (showing a valid certificate). Note this is not a self-signed certificate. It's a fully valid properly issued one.
To recreate...
Win 7, Excel 2010, Pentaho 5.1. Data Connection Wizard... Other/Advanced... XMLA Data Source... Next... Location=https://myserver/pentaho/Xmla ... User Name=user ... Password=password... click drop down next to Catalog. Error occurs.
I also tested with https://www.google.com (expecting to get past the SSL handshake and see a different error) but got the same error.
Can recreate with 1.0.0.2 and 1.0.0.5. Rebooted and reinstalled, and have also checked within Excel that it is indeed using 1.0.0.2 or 1.0.0.5.
Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/xmlaconnect/tickets/10/https://sourceforge.net/p/xmlaconnect/tickets/10
To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/https://sourceforge.net/auth/subscriptions
Related
Tickets:
#10I have the same problem with 1.0.0.39 while it works with 1.0.0.5
(tested with Excel 2010 and Win 7 Professional and Pentaho 5.2 CE)
Last edit: Thomas Petrik 2015-01-19
what kind of certificate? self signed added in the trusted certs or valid certificate?
SSL_ERROR_SSL
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Check with the latest version (58 or above version). This might be due to one of the following two cases:
You use a self signed certificate and the certificate is not trusted. Read the document here: http://www.arquery.com/SSL%20and%20Proxy%20support.pdf page 8 for info about bypassing the certificate validation. You mist write a key in the registry. Version 5 does write and bypass validation it for you but in subsequent version we were prompted to turn this on.
The server is added in the trust list or the CA root that generated this server is added in the trust list. The latest version (58 or above should handle this)