[Laszlo-user] LPS need some setting to use SSL?

Tue Nov 13 00:05:37 PST 2007

Hi Ong,

Thank you for your so quick reply.
I read the page as you said. There were a lot of steps to use SSL. =-O
I am wondering this configuration ( apache/tomcat/lps ) need so high
level setting to use SSL.
Are there any another simple procedure ?
In the configuration without LPS, it worked fine. So i doubt just in LPS.

Keiji Ono
keiji_ono at net8.co.jp

Ong Leong Seng wrote:

>Hi,
>
>I believe you configure your SSL at httpd that require client cert for verification. 
>
>You need to import your server cert and ca cert to java runtime keystore file. For my case which run linux, this file stored at /usr/java/jdkxxx/jre/lib/security/ and the file name is jssecacert or cacert.
>
>One imported, then you need to restart tomcat. This happened due to java runtime also verify the client cert that pass from httpd to tomcat. However, before the CA and server cert is added, java runtime can't identify the CA cert to validate the client cert.
>
>Please refer to this link to understand more http://marc.info/?l=tomcat-user&m=106293430225790&w=2
>
>Hope my suggestion work for you.
>
>Cheers,
>James
>
>
>
>-----Original Message-----
>From: laszlo-user-bounces at openlaszlo.org [mailto:laszlo-user-bounces at openlaszlo.org] On Behalf Of keiji Ono
>Sent: Tuesday, November 13, 2007 2:44 PM
>To: Laszlo Users
>Subject: [Laszlo-user] LPS need some setting to use SSL?
>
>Hi,
>
>I am working on lps-3.4.0 on Apache/Tomcat.
>When i was using SSL on Proxy mode, i got error as following in lps.log
>file.
>And a server side program( jsp ) did not return any responses.
>
><?xml version="1.0" encoding="UTF-8"?><!DOCTYPE
>laszlo-data><resultset><error status="2"
>msg="https://myserver.com/my-test/myjsp.jsp data source error: SSL
>exception occurred: sun.security.validator.ValidatorException: PKIX path
>building failed:
>sun.security.provider.certpath.SunCertPathBuilderException: unable to
>find valid certification path to requested target"/></resultset>
>
>I found the similar trouble in the forum, but it was just on Tomcat ( no
>Apache ) and it was so old comment.
>http://forum.openlaszlo.org/showthread.php?t=509
>
>I confirmed it works on SOLO, but on Proxy did not work. It should be
>need some setting on LPS, i guess.
>But i have no idea to resolve this issue.
>My environments are as following.
>
>OS: Client WinXP Server Linux
>Tomcat: 5.0.28
>Apache: 2.0.49
>OpenSSL: 0.9.7d
>mod_jk: 1.2.25
>Cert: my cert ( create by myself )
>
>Thanks in advance.
>
>Keiji Ono
>keiji_ono at net8.co.jp
>
>No virus found in this incoming message.
>Checked by AVG Free Edition. 
>Version: 7.5.503 / Virus Database: 269.15.30/1127 - Release Date: 11/12/2007 9:19 PM
> 
>
>No virus found in this outgoing message.
>Checked by AVG Free Edition. 
>Version: 7.5.503 / Virus Database: 269.15.30/1127 - Release Date: 11/12/2007 9:19 PM
> 
>
>------------------------------------------------------------------
>-
>-
>-
>DISCLAIMER: 
>
>This e-mail (including any attachments) may contain confidential 
>information. If you are not the intended recipient, you are hereby 
>notified that any dealing, review, distribution, printing, copying 
>or use of this e-mail is strictly prohibited. If you have received 
>this email in error, please notify the sender or MIMOS Berhad 
>immediately and delete the original message. Opinions, conclusions 
>and other information in this e-mail that do not relate to the 
>official business of MIMOS Berhad and/or its subsidiaries shall be 
>understood as neither given nor endorsed by MIMOS Berhad and/or its 
>subsidiaries and neither MIMOS Berhad nor its subsidiaries accepts 
>responsibility for the same. All liability arising from or in 
>connection with computer viruses and/or corrupted e-mails is 
>excluded to the fullest extent permitted by law.
>
>
>
>  
>

-- 
------------------------------------------
（株）ネットエイト
小野圭二
keiji_ono at net8.co.jp
東京都江戸川区瑞江1-45-11
TEL 03(3676)6599
URL http://www.net8.co.jp
------------------------------------------