AnsweredAssumed Answered

Alfresco 5.0a community & certificate

Question asked by gerbenkwakkel on Oct 30, 2014
Latest reply on Nov 4, 2014 by angelborroy
In my environment running an Alfresco Community 5.0a on Ubuntu 12.04 LTS.

Now I have a certificate from GeoTrust added in my own keystore and added in server.xml:


<Connector port="8443" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
               maxThreads="150" scheme="https" keystoreFile="/home/administrator/certificaat.dbiom.nl/certificaat.dbiom.nl.key" keystorePass="PASSWORD" keystoreType="JKS"
secure="true" connectionTimeout="240000" clientAuth="want" sslEnabledProtocols="TLSv1, TLSv1.1, TLSv1.2" allowUnsafeLegacyRenegotiation="true" maxHttpHeaderSize="32768" />


This certificate will work too. In Alfresco I come only many errors against, such as searching that no longer works, tags can not be retrieved.


javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
        at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702)
        at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
        at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
        at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
        at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
        at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
        at org.alfresco.httpclient.AbstractHttpClient.executeMethod(AbstractHttpClient.java:135)
        at org.alfresco.httpclient.AbstractHttpClient.sendRemoteRequest(AbstractHttpClient.java:111)
        at org.alfresco.httpclient.HttpClientFactory$HttpsClient.sendRequest(HttpClientFactory.java:371)
        at org.alfresco.solr.client.SOLRAPIClient.getModelsDiff(SOLRAPIClient.java:1056)
        at org.alfresco.solr.tracker.CoreTracker.trackModelsImpl(CoreTracker.java:1950)
        at org.alfresco.solr.tracker.CoreTracker.trackModels(CoreTracker.java:4745)
        at org.alfresco.solr.tracker.CoreTracker.trackRepository(CoreTracker.java:1275)
        at org.alfresco.solr.tracker.CoreTracker.updateIndex(CoreTracker.java:561)
        at org.alfresco.solr.tracker.CoreTrackerJob.execute(CoreTrackerJob.java:45)
        at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
        at sun.security.validator.Validator.validate(Validator.java:260)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
        … 27 more


Error in Adminconsole -> Categorymanager


JavaException: org.alfresco.repo.search.impl.lucene.LuceneQueryParserException: 09300090 Request failed 401 /solr/alfresco/alfresco?wt=json&fl=DBID%2Cscore&rows=1000&df=TEXT&start=0&locale=nl_NL&alternativeDic=DEFAULT_DICTIONARY&fq=%7B%21afts%7DAUTHORITY_FILTER_FROM_JSON&fq=%7B%21afts%7DTENANT_FILTER_FROM_JSON


I added the certificate to the cacerts file, and nothing works.

Forgot or something?

Outcomes