On Thu, May 17, 2012 at 7:10 PM, Rodrigo Antonialli <[email protected]> wrote: > Hi everyone! > > I need some help to configure Geoserver under SSL! > > I've just configured SSL to work fine, following these instructions: > http://www.tomcatexpert.com/knowledge-base/using-openssl-configure-ssl-certificates-tomcat > > I can login in web admin interface, and preview some layers. Examples: > > https://tupi.rc.unesp.br/geoserver/topp/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=topp:states&maxFeatures=50 > - return the topp:states GML. > > https://tupi.rc.unesp.br/geoserver/topp/wms?service=WMS&version=1.1.0&request=GetMap&layers=topp:states&styles=&bbox=-124.73142200000001,24.955967,-66.969849,49.371735&width=780&height=330&srs=EPSG:4326&format=application/openlayers > - The map is shown fine and I can click to show attributes. > > But when I try to run a Demo request, for example, > WFS_GetCapabilities-1.0.xml, or one of the above, it shows me the error: > > <servlet-exception> > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > </servlet-exception>
The demo pages are sending the details to a server side servlet, which in turn does the actual post emulating a client using Java own URLConnection. If your certificate is not trusted the above error will happen. The solution for URLConnection is not an easy one: http://kerbtier.ch/2009/01/31/urlconnection-and-https Afaik if we rewrite the code using commons-httpclient it is instead possible to ignore invalid certificates... requires some work though Cheers Andrea -- Ing. Andrea Aime GeoSolutions S.A.S. Tech lead Via Poggio alle Viti 1187 55054 Massarosa (LU) Italy phone: +39 0584 962313 fax: +39 0584 962313 mob: +39 339 8844549 http://www.geo-solutions.it http://geo-solutions.blogspot.com/ http://www.youtube.com/user/GeoSolutionsIT http://www.linkedin.com/in/andreaaime http://twitter.com/geowolf ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
