lmenezes / cerebro

MIT License

LDAPS authentication to Active Directory and certificate validation #432

Open mmusolesi opened 4 years ago

mmusolesi commented 4 years ago

We are configuring Cerebro to authenticate users by LDAP on Active Directory, but authentication fails with:

```
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
```

We tried to disable certificate validation with these parameters in application.conf:

```
play.ws.ssl.loose.allowWeakCiphers = true
play.ws.ssl.loose.allowWeakProtocols = true
play.ws.ssl.loose.acceptAnyCertificate = true
play.ws.ssl.loose.disableHostnameVerification = true
```

Cerebro continues to check the certificate and fails authentication.

We tried to debug the problem with `play.ws.ssl.debug.all = true`, but Cerebro fails to start.

Any idea?

mkurtak commented 4 years ago

Hi, have you found some workaround? I've tried to run `/opt/cerebro/bin/cerebro -Dcom.sun.net.ssl.checkRevocation=false`, but it does not work. Thank you

mmusolesi commented 4 years ago

Hi,

No way, I have not found a solution yet.

I made a note to try again using a trust manager (see https://www.playframework.com/documentation/2.5.x/WSQuickStart)

but I have had no time. I'll do so soon.

Kind Regards

mkurtak commented 4 years ago

Hi, I've found a workaround:

  1. Create a truststore with the command `keytool -import -alias myalias -keystore my.keystore -trustcacerts -file your-certificate.cer`
  2. Run Cerebro with the created keystore: `./bin/cerebro -Djavax.net.ssl.trustStore=./conf/my.keystore -Djavax.net.ssl.trustStorePassword=your-password`
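
A pre-flight check for the truststore workaround above, as an added example that is not from the thread or from the Cerebro project: it loads the keystore built with `keytool` and attempts a TLS handshake with the LDAPS endpoint, with certificate-chain and hostname validation left on. The class name `LdapsTrustCheck`, the `TRUSTSTORE_PASSWORD` environment variable and the command-line arguments are assumptions made for this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Added example (hypothetical class): run as
//   TRUSTSTORE_PASSWORD=... java LdapsTrustCheck <ldaps-host> <port> <truststore-file>
public class LdapsTrustCheck {
    public static void main(String[] args) throws Exception {
        String pw = System.getenv("TRUSTSTORE_PASSWORD"); // assumed variable name
        if (args.length != 3 || pw == null) {
            System.err.println("usage: TRUSTSTORE_PASSWORD=... LdapsTrustCheck <host> <port> <truststore>");
            System.exit(2);
        }
        // Load only the CA certificates from the given truststore, not the JVM default cacerts.
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[2])) {
            trustStore.load(in, pw.toCharArray());
        }
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        try (SSLSocket socket =
                 (SSLSocket) ctx.getSocketFactory().createSocket(args[0], Integer.parseInt(args[1]))) {
            // Also require the certificate to match the host name used to connect.
            SSLParameters params = socket.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("LDAPS");
            socket.setSSLParameters(params);
            socket.startHandshake(); // a PKIX path building failure surfaces here
            for (Certificate c : socket.getSession().getPeerCertificates()) {
                X509Certificate x = (X509Certificate) c;
                System.out.println("subject=" + x.getSubjectX500Principal()
                    + " issuer=" + x.getIssuerX500Principal() + " notAfter=" + x.getNotAfter());
            }
            System.out.println("OK: chain and host name validate against " + args[2]);
        } catch (SSLHandshakeException e) {
            System.err.println("FAILED: " + e.getMessage());
            System.exit(1);
        }
    }
}
```

If this check reports the same `PKIX path building failed` message as in the issue, the imported certificate is not the one that issued the server's chain.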

ogger commented 3 years ago

HiHo, could you paste your config? If I switch to SASL it won't work for me.