[CITE-Forum] Fwd: support for HTTPS sites

Sebastian Goerke goerke at lat-lon.de
Wed Aug 22 10:22:38 EDT 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Manas,

I cannot find any reason for using https instead of http for the
compliance testing of a WMS, because a standard setup regarding data
and so on is used for those tests.

Can you explain that a little more?

Regards

Sebastian

Am 21.08.2012 22:39, schrieb OGC Webmaster:
> 
> 
> -------- Original Message -------- Subject:     support for HTTPS
> sites Date:     Tue, 21 Aug 2012 20:33:19 +0000 From:     Manas Kar
> <Manas.Kar at exactearth.com> To:     webmaster at opengeospatial.org
> <webmaster at opengeospatial.org>
> 
> 
> 
> Hi,
> 
> We in our company are trying to certify our web service
> implementation to OGC compliant.
> 
> I am running into problems as the local test for wms fails because
> it does not like the HTTPS. ( we are planning to support only HTTP
> over SSL)
> 
> 1)We don’t have a valid certificate yet for the test machine that
> we want to certify.
> 
> 2)In production we will have a SSL certificate.
> 
> Can you please guide me to the right direction?
> 
> /(i.e. test has any configuration that will accept wms requests on
> https )/
> 
> Thanks
> 
> Manas
> 
> The stack trace looks like this
> 
> Testing suite wms-1.3.0:compliance_suite...
> 
> Testing main:main (s0001)...
> 
> Assertion: The implementation under test complies with the WMS
> 1.3.0 specification.
> 
> Aug 21, 2012 4:14:17 PM com.occamlab.te.TECore parse
> 
> SEVERE: parse Error
> 
> javax.net.ssl.SSLHandshakeException: 
> java.security.cert.CertificateException: No subject alternative
> names present
> 
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
> 
> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1868)
> 
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
> 
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
> 
> at 
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1337)
>
> 
> 
> at 
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154)
>
>  at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
> 
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
> 
> at
> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:998)
> 
> at 
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1294)
>
> 
> 
> at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1321)
>
>  at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1305)
>
>  at 
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:523)
>
>  at 
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java
>
> 
> 
> :185)
> 
> at 
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1296)
>
> 
> 
> at 
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
>
> 
> 
> at com.occamlab.te.TECore.parse(TECore.java:1501)
> 
> at com.occamlab.te.TECore.parse(TECore.java:1486)
> 
> at com.occamlab.te.TECore.request(TECore.java:1123)
> 
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 
> at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>
> 
> 
> at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> 
> 
> at java.lang.reflect.Method.invoke(Method.java:601)
> 
> at 
> net.sf.saxon.functions.ExtensionFunctionCall.invokeMethod(ExtensionFunctionCall.java:533)
>
> 
> 
> at 
> net.sf.saxon.functions.ExtensionFunctionCall.call(ExtensionFunctionCall.java:256)
>
> 
> 
> at 
> net.sf.saxon.functions.ExtensionFunctionCall.iterate(ExtensionFunctionCall.java:147)
>
> 
> 
> at
> net.sf.saxon.expr.PathExpression.iterate(PathExpression.java:848)
> 
> at
> net.sf.saxon.sort.DocumentSorter.iterate(DocumentSorter.java:84)
> 
> at
> net.sf.saxon.instruct.CopyOf.processLeavingTail(CopyOf.java:292)
> 
> at net.sf.saxon.instruct.Instruction.process(Instruction.java:94)
> 
> at
> net.sf.saxon.instruct.DocumentInstr.evaluateItem(DocumentInstr.java:282)
>
>  at
> net.sf.saxon.expr.ExpressionTool.evaluate(ExpressionTool.java:295)
> 
> at net.sf.saxon.expr.LetExpression.eval(LetExpression.java:341)
> 
> at net.sf.saxon.expr.LetExpression.process(LetExpression.java:372)
> 
> at
> net.sf.saxon.instruct.ForEach.processLeavingTail(ForEach.java:300)
> 
> at 
> net.sf.saxon.expr.LetExpression.processLeavingTail(LetExpression.java:551)
>
>  at
> net.sf.saxon.instruct.Template.applyLeavingTail(Template.java:175)
> 
> at 
> net.sf.saxon.instruct.ApplyTemplates.applyTemplates(ApplyTemplates.java:343)
>
> 
> 
> at net.sf.saxon.Controller.transformDocument(Controller.java:1736)
> 
> at net.sf.saxon.Controller.transform(Controller.java:1560)
> 
> at
> net.sf.saxon.s9api.XsltTransformer.transform(XsltTransformer.java:190)
>
>  at com.occamlab.te.TECore.executeTemplate(TECore.java:403)
> 
> at com.occamlab.te.TECore.executeTest(TECore.java:530)
> 
> at com.occamlab.te.TECore.execute_test(TECore.java:278)
> 
> at com.occamlab.te.TECore.execute_suite(TECore.java:310)
> 
> at com.occamlab.te.TECore.execute(TECore.java:233)
> 
> at com.occamlab.te.Test.main(Test.java:275)
> 
> Caused by: java.security.cert.CertificateException: No subject 
> alternative names present
> 
> at
> sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142)
>
>  at
> sun.security.util.HostnameChecker.match(HostnameChecker.java:91)
> 
> at 
> sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
>
> 
> 
> at 
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203)
>
> 
> 
> at 
> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
>
> 
> 
> at 
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1319)
>
> 
> 
> ... 42 more
> 
> javax.net.ssl.SSLHandshakeException: 
> java.security.cert.CertificateException: No subject alternative
> names present
> 
> Error: The capabilities document does not contain a root element
> named WMS_Capabilities in the "http://www.opengis
> 
> .net/wms" namespace.
> 
> Further processing suspended.
> 
> Test main:main Failed
> 
> Suite wms-1.3.0:compliance_suite Failed
> 
> 
> 
> <www.exactearth.com><www.exactearth.com>         Manas Kar Test
> Engineer | exactEarth Ltd. 60 Struck Ct. Cambridge, Ontario N1R
> 8L2 office. +1.519.622.4445 ext. 5869 | direct: +1.519.620.5869 
> email. Manas.Kar at exactearth.com
> 
> web. www.exactearth.com
> 
> 
> 
> This e-mail and any attachment is for authorized use by the
> intended recipient(s) only. It contains proprietary or confidential
> information and is not to be copied, disclosed to, retained or used
> by, any other party. If you are not an intended recipient then
> please promptly delete this e-mail, any attachment and all copies
> and inform the sender. Thank you.
> 
> _______________________________________________ CITE-Forum mailing
> list CITE-Forum at lists.opengeospatial.org 
> https://lists.opengeospatial.org/mailman/listinfo/cite-forum

- -- 
l a t / l o n  GmbH
Aennchenstrasse 19               53177 Bonn, Germany
phone ++49 +228 18496-0          fax ++49 +228 18496-29
http://www.lat-lon.de            http://www.deegree.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlA06y4ACgkQq1hDh4aJykLGaQCfUwXFu1AM4j2CLgwhsGFnGpuV
XJ8An2LhWBUXFRCHkcjuT4IhAXjJb+uo
=2pOo
-----END PGP SIGNATURE-----


More information about the CITE-Forum mailing list