Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Note: You may notice some temporary visual or styling issues in the Community. Our vendor is actively investigating.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable
‎2015-11-17 05:54 AM

Karaf and ssl

Hi all,
I'm trying to deploy a route on karaf, in this route i have a cxf with a https connexion,i have modified a org.ops4j.pax.web.cfg like this :

org.osgi.service.http.port=8040
org.osgi.service.http.port.secure=8081
org.osgi.service.http.secure.enabled=true
org.ops4j.pax.web.ssl.keystore.type=pkcs12
org.ops4j.pax.web.ssl.keystore=${karaf.base}/etc/aveo/cert/file.p12
org.ops4j.pax.web.ssl.password=pass
org.ops4j.pax.web.ssl.keypassword=pass
org.ops4j.pax.web.config.file=${karaf.base}/etc/jetty.xml


I have added a cert in firefox, but when i try access my wsdl I have got the following error :

2015-11-17 11:53:33,661 | WARN  | qtp703264812-163 | nio                              | tty.io.nio.SelectChannelEndPoint  652 | 58 - org.eclipse.jetty.util - 7.6.9.v20130131 | javax.net.ssl.SSLException: Inbound closed before receiving
 peer's close_notify: possible truncation attack?
2015-11-17 11:53:33,666 | WARN  | qtp703264812-159 | nio                              | tty.io.nio.SelectChannelEndPoint  652 | 58 - org.eclipse.jetty.util - 7.6.9.v20130131 | javax.net.ssl.SSLException: Inbound closed before receiving
 peer's close_notify: possible truncation attack?
2015-11-17 11:53:33,679 | WARN  | qtp703264812-161 | nio                              | tty.io.nio.SelectChannelEndPoint  652 | 58 - org.eclipse.jetty.util - 7.6.9.v20130131 | javax.net.ssl.SSLHandshakeException: null cert chain
2015-11-17 11:53:33,687 | WARN  | qtp703264812-158 | nio                              | tty.io.nio.SelectChannelEndPoint  652 | 58 - org.eclipse.jetty.util - 7.6.9.v20130131 | javax.net.ssl.SSLHandshakeException: null cert chain
2015-11-17 11:53:33,698 | WARN  | qtp703264812-159 | nio                              | tty.io.nio.SelectChannelEndPoint  652 | 58 - org.eclipse.jetty.util - 7.6.9.v20130131 | javax.net.ssl.SSLHandshakeException: null cert chain
2015-11-17 11:53:33,705 | WARN  | qtp703264812-161 | nio                              | tty.io.nio.SelectChannelEndPoint  652 | 58 - org.eclipse.jetty.util - 7.6.9.v20130131 | javax.net.ssl.SSLHandshakeException: null cert chain


can you help me ? 
best regard.

Labels (2)
Labels
436 Views
0 Likes
4 Replies
Anonymous
Not applicable
‎2015-11-17 06:18 AM
Author

This can be fiddly and if you don't get it exactly right, is not very easy to debug. Try the following blog post ( http://blog.nanthrax.net/2012/12/how-to-enable-https-certificate-client-auth-with-karaf/). It is by the guy who actually created the Apache Karaf project. I have used this blog as a starting point for most of the issues I have with Karaf.
436 Views
0 Likes
Anonymous
Not applicable
‎2015-11-17 06:54 AM
Author

Hi rhall_2.0,
Ty for your reply, but i already follow this topic ... and i have got my error.
436 Views
0 Likes
Anonymous
Not applicable
‎2015-11-17 07:00 AM
Author

The error looks like you are not sending a trusted certificate from the browser. Are you sure that it is configured properly in Firefox?
436 Views
0 Likes
Anonymous
Not applicable
‎2015-11-17 07:09 AM
Author

I think yes, when I check in firefox setting I can see that cert is valid.
I have juste import cert since cert folder.
436 Views
0 Likes