Open GoogleCodeExporter opened 8 years ago
I notice that the problem have been discussed in issue 14,and I try node86,but
it doesn't help.
Original comment by siukun89
on 18 Jan 2013 at 5:39
When you connect over HTTPS, your browser validates the server certificate. The
server certificate should be signed by a trusted certificate authority. Your
browser has a collection of trusted certificate authorities, and when the
server certificate is not signed by one of those trusted certificate
authorities, your browser will show a certificate error.
The OPENSHIFT server certificates on port 8443 are self-signed certificates.
The OPENSHIFT server certificates on port 8443 are not signed by a trusted
certificate authority. So, you have to configure your browser to trust that
self-signed certificate.
JAP works like your browser. You have to configure JAP to trust that
self-signed certificate.
PYTHON/TWISTED/PYOPENSSL does not have a collection of trusted certificate
authorities, and by default does not validate server certificates.
JAVASCRIPT/NODE does have a collection of trusted certificate authorities, and
by default does validate server certificates.
So even though JAP_WS_LOCAL_PYTHON works, for now, without configuring
JAP_WS_LOCAL_PYTHON to trust that self-signed certificate, you should.
Also, when you create an OPENSHIFT application, your application is installed
on one of the OPENSHIFT servers (and you do not know which OPENSHIFT server),
and all OPENSHIFT servers have different certificates. So you have to configure
JAP with the correct server certificate.
Original comment by jeroen.v...@gmail.com
on 18 Jan 2013 at 7:56
[deleted comment]
You can download the server certificate with OPENSSL:
openssl s_client -connect XXX-YYY.rhcloud.com:8443
Original comment by jeroen.v...@gmail.com
on 18 Jan 2013 at 1:12
Attachments:
Get it. Thx!
Mine is ex-std-node68.prod.rhcloud.com.
Original comment by ksdaf...@gmail.com
on 18 Jan 2013 at 4:09
I download the certificate from firefox and openssl command line.
They both show node52.
I put the certificate in the same folder with jap,and configure local json.
But it still shows "certificate not ok".
Original comment by siukun89
on 23 Jan 2013 at 7:18
Attachments:
Can you attach your certificate?
Can you attach a screenshot of "openssl s_client -connect
XXX-YYY.rhcloud.com:8443"?
Does JAP work when you configure JAP_WS_LOCAL.json without certificate?
Original comment by jeroen.v...@gmail.com
on 23 Jan 2013 at 7:25
Only configure https(username,pwd) without certificate Jap works correcly.
Original comment by siukun89
on 23 Jan 2013 at 7:39
Attachments:
As far as I can see, everything is ok (except for the certificate).
What is your REMOTE_PROXY_SERVER/ADDRESS (you can also EMAIL jer..@gmail.com)?
Original comment by jeroen.v...@gmail.com
on 23 Jan 2013 at 8:25
Yah!After I install JAP on another server node99,problem solved!
Maybe there's some problem with certificate for node52.
Thanks for all your help!
Original comment by siukun89
on 24 Jan 2013 at 2:21
No problem :)
Original comment by jeroen.v...@gmail.com
on 24 Jan 2013 at 6:18
Original issue reported on code.google.com by
siukun89
on 18 Jan 2013 at 5:21