[CITE-Forum] Fwd: support for HTTPS sites

Henning Bredel h.bredel at 52north.org
Wed Aug 22 11:30:11 EDT 2012


You can try to import your (not yet officially certified) certificate to 
the Java keystore. There are lots of how tos on the web you can find via 
your favourite search engine.

However, here is an example:

http://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html

Steps include:
-> download/save the certificate to import
-> import via keytool (via admin commandline)

Best

   Henning

Am 21.08.2012 22:39, schrieb OGC Webmaster:
>
>
> -------- Original Message --------
> Subject:     support for HTTPS sites
> Date:     Tue, 21 Aug 2012 20:33:19 +0000
> From:     Manas Kar <Manas.Kar at exactearth.com>
> To:     webmaster at opengeospatial.org <webmaster at opengeospatial.org>
>
>
>
> Hi,
>
> We in our company are trying to certify our web service implementation
> to OGC compliant.
>
> I am running into problems as the local test for wms fails because it
> does not like the HTTPS. ( we are planning to support only HTTP over SSL)
>
> 1)We don’t have a valid certificate yet for the test machine that we
> want to certify.
>
> 2)In production we will have a SSL certificate.
>
> Can you please guide me to the right direction?
>
> /(i.e. test has any configuration that will accept wms requests on https )/
>
> Thanks
>
> Manas
>
> The stack trace looks like this
>
> Testing suite wms-1.3.0:compliance_suite...
>
> Testing main:main (s0001)...
>
> Assertion: The implementation under test complies with the WMS 1.3.0
> specification.
>
> Aug 21, 2012 4:14:17 PM com.occamlab.te.TECore parse
>
> SEVERE: parse Error
>
> javax.net.ssl.SSLHandshakeException:
> java.security.cert.CertificateException: No subject alternative names
> present
>
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>
> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1868)
>
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
>
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
>
> at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1337)
>
>
> at
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154)
>
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
>
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
>
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:998)
>
> at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1294)
>
>
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1321)
>
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1305)
>
> at
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:523)
>
> at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java
>
>
> :185)
>
> at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1296)
>
>
> at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
>
>
> at com.occamlab.te.TECore.parse(TECore.java:1501)
>
> at com.occamlab.te.TECore.parse(TECore.java:1486)
>
> at com.occamlab.te.TECore.request(TECore.java:1123)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>
>
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
>
> at java.lang.reflect.Method.invoke(Method.java:601)
>
> at
> net.sf.saxon.functions.ExtensionFunctionCall.invokeMethod(ExtensionFunctionCall.java:533)
>
>
> at
> net.sf.saxon.functions.ExtensionFunctionCall.call(ExtensionFunctionCall.java:256)
>
>
> at
> net.sf.saxon.functions.ExtensionFunctionCall.iterate(ExtensionFunctionCall.java:147)
>
>
> at net.sf.saxon.expr.PathExpression.iterate(PathExpression.java:848)
>
> at net.sf.saxon.sort.DocumentSorter.iterate(DocumentSorter.java:84)
>
> at net.sf.saxon.instruct.CopyOf.processLeavingTail(CopyOf.java:292)
>
> at net.sf.saxon.instruct.Instruction.process(Instruction.java:94)
>
> at net.sf.saxon.instruct.DocumentInstr.evaluateItem(DocumentInstr.java:282)
>
> at net.sf.saxon.expr.ExpressionTool.evaluate(ExpressionTool.java:295)
>
> at net.sf.saxon.expr.LetExpression.eval(LetExpression.java:341)
>
> at net.sf.saxon.expr.LetExpression.process(LetExpression.java:372)
>
> at net.sf.saxon.instruct.ForEach.processLeavingTail(ForEach.java:300)
>
> at
> net.sf.saxon.expr.LetExpression.processLeavingTail(LetExpression.java:551)
>
> at net.sf.saxon.instruct.Template.applyLeavingTail(Template.java:175)
>
> at
> net.sf.saxon.instruct.ApplyTemplates.applyTemplates(ApplyTemplates.java:343)
>
>
> at net.sf.saxon.Controller.transformDocument(Controller.java:1736)
>
> at net.sf.saxon.Controller.transform(Controller.java:1560)
>
> at net.sf.saxon.s9api.XsltTransformer.transform(XsltTransformer.java:190)
>
> at com.occamlab.te.TECore.executeTemplate(TECore.java:403)
>
> at com.occamlab.te.TECore.executeTest(TECore.java:530)
>
> at com.occamlab.te.TECore.execute_test(TECore.java:278)
>
> at com.occamlab.te.TECore.execute_suite(TECore.java:310)
>
> at com.occamlab.te.TECore.execute(TECore.java:233)
>
> at com.occamlab.te.Test.main(Test.java:275)
>
> Caused by: java.security.cert.CertificateException: No subject
> alternative names present
>
> at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142)
>
> at sun.security.util.HostnameChecker.match(HostnameChecker.java:91)
>
> at
> sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
>
>
> at
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:203)
>
>
> at
> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
>
>
> at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1319)
>
>
> ... 42 more
>
> javax.net.ssl.SSLHandshakeException:
> java.security.cert.CertificateException: No subject alternative names
> present
>
> Error: The capabilities document does not contain a root element named
> WMS_Capabilities in the "http://www.opengis
>
> .net/wms" namespace.
>
> Further processing suspended.
>
> Test main:main Failed
>
> Suite wms-1.3.0:compliance_suite Failed
>
>
>
> <www.exactearth.com><www.exactearth.com>         Manas Kar
> Test Engineer | exactEarth Ltd.
> 60 Struck Ct. Cambridge, Ontario N1R 8L2
> office. +1.519.622.4445 ext. 5869 | direct: +1.519.620.5869
> email. Manas.Kar at exactearth.com
>
> web. www.exactearth.com
>
>
>
> This e-mail and any attachment is for authorized use by the intended
> recipient(s) only. It contains proprietary or confidential information
> and is not to be copied, disclosed to, retained or used by, any other
> party. If you are not an intended recipient then please promptly delete
> this e-mail, any attachment and all copies and inform the sender. Thank
> you.
>
> _______________________________________________
> CITE-Forum mailing list
> CITE-Forum at lists.opengeospatial.org
> https://lists.opengeospatial.org/mailman/listinfo/cite-forum
>


-- 
Henning Bredel
52°North Initiative for Geospatial Open Source Software GmbH
Martin-Luther-King-Weg 24
48155 Münster
Fon: +49-(0)-251–396371-34
Fax: +49-(0)-251–396371-11
email: h.bredel at 52North.org
52North-site: http://www.52north.org
General Managers: Dr. Albert Remke, Dr. Andreas Wytzisk
Local Court Muenster HRB 10849


More information about the CITE-Forum mailing list