kitodo / kitodo-production

Kitodo.Production is a workflow management tool for mass digitization and is part of the Kitodo Digital Library Suite.
http://www.kitodo.org/software/kitodoproduction/
GNU General Public License v3.0

Rel 3.4.0 - Using Elasticsearch-Server with https and auth does not work #4851

Open stefanCCS opened 2 years ago

stefanCCS commented 2 years ago

I have tried to use an Elasticsearch-Server (different machine than the Kitodo-VM), which uses https as protocol and http-auth. Both (protocol and auth) I have set up in kitodo-config.properties like this:

elasticsearch.protocol=https
elasticsearch.useAuthentication=true
elasticsearch.user=<user>
elasticsearch.password=<pwd>

I can check that the Elastic-Search-Server is reachable via a tool (Cerebro), and also a curl from the Kitodo-VM gets a result:

curl -XGET https://<myelasticsearchserver>:9200 -u '<user>:<pwd>' --insecure

But Kitodo does not get a connection. In catalina.out the following error message is available:

Der Elasticsearch Server ist nicht erreichbar.: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

--> I assume this is because of the protocol (https) and/or the usage of http-auth --> please clarify.

solth commented 2 years ago

I think this is caused by your domain using a certificate that the Java runtime does not know anything about, for example when it's a self-issued certificate.

To solve this, you can add the certificate to the Java keystore using the keytool command:

keytool -import -v -trustcacerts -alias [DOMAIN_NAME] -file [CERTIFICATE_NAME].crt.pem -keystore [PATH_TO_YOUR_JAVA_KEYSTORE_FILE] -noprompt -storepass changeit
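The import described in the reply above, as an added example that is not part of the thread or of Kitodo: it compares the certificate's SHA-256 fingerprint with a value confirmed out of band before importing, then checks that the entry is present. The function names, the alias `es`, the hostname, the passwords and the temporary paths are constructed placeholders.

```shell
#!/bin/sh
# Added example: all names, passwords and paths below are constructed.

# SHA-256 fingerprint of a PEM certificate, as printed by keytool.
cert_fingerprint() {
  keytool -printcert -file "$1" 2>/dev/null | awk '/SHA256:/ {print $2; exit}'
}

# True if the alias exists in the keystore as a trusted certificate entry.
is_trusted() {  # args: alias keystore storepass
  keytool -list -alias "$1" -keystore "$2" -storepass "$3" 2>/dev/null \
    | grep -q trustedCertEntry
}

# Import only if the file's fingerprint equals the expected one.
# -noprompt suppresses keytool's own "Trust this certificate?" question,
# so this comparison is the only check left before the JVM trusts the cert.
import_pinned() {  # args: alias cert.pem keystore storepass expected_fingerprint
  fp=$(cert_fingerprint "$2")
  if [ -z "$fp" ] || [ "$fp" != "$5" ]; then
    echo "fingerprint mismatch, not importing $2" >&2
    return 1
  fi
  keytool -importcert -noprompt -alias "$1" -file "$2" \
    -keystore "$3" -storepass "$4" </dev/null >/dev/null 2>&1
}

# Constructed stand-in for the Elasticsearch server's self-signed certificate,
# so the functions above can be tried without touching a real keystore.
make_demo_cert() {  # args: output directory
  keytool -genkeypair -alias demo -keyalg RSA -keysize 2048 -validity 1 \
    -dname "CN=es.example.internal" -storetype PKCS12 \
    -keystore "$1/server.p12" -storepass demo-pass -keypass demo-pass \
    </dev/null >/dev/null 2>&1 &&
  keytool -exportcert -rfc -alias demo -keystore "$1/server.p12" \
    -storepass demo-pass -file "$1/es.crt.pem" </dev/null >/dev/null 2>&1
}
```

For the real server, pass the keystore file that the JVM running Kitodo reads as the third argument of `import_pinned`, and take the expected fingerprint from whoever administers the Elasticsearch server rather than from the connection being debugged.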

stefanCCS commented 2 years ago

Many thanks, I will try this ...