Solved: Enabling client authentication for SSL and Configu... - Page 3 - Qlik Community

Anonymous · ‎2019-11-18

Hi community,

As described in the title of this topic, the two solutions described in the title of this topic don't work in my environment :

Enabling client authentication for SSL :

I tried to reproduce exactly the example given in the talend help https://help.talend.com/reader/yovCMqvJzyaSSSIdrlB4FQ/HlVXm6zYbAL14q4Lq84a1w , when i call my rest service from Chrome, Firefox, CURL or Postman after adding the client certificate it always show me "BAD CERTIFICATE", i added our certificate Authority and restarted karaf, always the same error message "BAD CERTIFICATE"

Configuring jetty for SSL :

As the first solution did not work for me, i tried the second solution by modifying the jetty.xml file and tested the one way ssl for example as described here : https://help.talend.com/reader/yovCMqvJzyaSSSIdrlB4FQ/xWGGon_HvMs8tUG8RhStDQ , after restarting karaf i'm not able to call the rest service.

here is my talend rest service used for the tests :

My first try by modifying the org.ops4j.pax.web.cfg and restarting karaf:

My second try by modifying the jetty.xml file and adding my connector and restarting karaf:

Any answer, suggestion would be very appreciated.

Thank you in advance.

Anonymous · ‎2019-12-02

Ok.

Now iam creating two connectors in jetty.xml file, so two ports are used :

- 8043 : used for all data services using https and one way ssl (client is not forced to be trusted)

- 8053 : used for all data services using https and two way ssl (client is forced to be trusted)

How can i set a data service to use only the desired connector because when i deploy it in karaf as osgi bundle (.jar), it becomes accessible from all port i created in jetty.xml file.

Regards

Anonymous · ‎2019-12-02

I have raised the v7.2 issue as well. Thank you for pointing it out.

Regarding your new question, could you raise a new question please? That is the sort of thing that might be quite useful to others, but can get lost when it is added to the end of another question.

Anonymous · ‎2019-12-02

Hi @rhall ,

Yes Surely.

I close this topic with with a status as resolved.

Regards

troseberry · ‎2019-12-02

I have the same issue. You said that you raised this issue. Is there any type of reference JIRA issue number we can follow for resolution on this?

Anonymous · ‎2019-12-02

If you are using Talend Open Studio, revert back to v7.1. I know that version works. I experienced issues with v7.2 and v7.3 M3. I've raised Jiras with both of these. The Jira I have raised is here https://jira.talendforge.org/browse/TESB-27544 . I believe you need to be logged in to see it.

troseberry · ‎2019-12-04

I am logged into the support portal and I cannot find that issue TESB-27544 you referenced. I get an error that it does not exist or I do not have access. Can you reconfirm the issue number?

Anonymous · ‎2019-12-04

If you cannot access it via the link, it must have been assigned an internal Talend status by whoever is looking at it. This is likely because it was raised by someone internal (me) and it was raised against a milestone release initially. I've just checked and there has been no update. I will keep you informed. In the meantime, v7.1 will work.

Enabling client authentication for SSL and Configuring jetty for SSL don't work

Other

REST

v7.x