Closed rhoml closed 7 years ago
The easiest way to solve it, is to trust your certificate which means adding it to your local java keystore. Found a step-by-step guide here: http://stackoverflow.com/questions/11617210/how-to-properly-import-a-selfsigned-certificate-into-java-keystore-that-is-avail#11617655
Yep, I tried that and added
-Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts
-Djavax.net.ssl.trustStorePassword=REDACTED
but still get the same error, is it possible that the plugin is not getting the right SSL cert?
i'll try to get that reproduced tomorrow and keep you updated
🙏 thanks
Hey nevermind I was importing the wrong certificate on the trust store. Everything is working like a charm.
Selfhealing, that's my favorite kind of issues :) Thanks for the fast feedback!
@pingunaut @rhoml Hi i am also getting this same issue So can you tell me which certificate i need to import to keystore ??
Hi @vaibhavbhanawat01 The certificate to be imported is the one you used to secure your crowd instance. You can easily obtain it for example like this
Now that you have the certificate, you can import it to your java keystore like this:
keytool -importcert -file [PATH_TO_CERTIFICATE] -keystore [PATH_TO_KEYSTORE_JKS] -alias "My Crowd cert"
Note: If there are multiple versions of Java present in your system, you need to check which Java installation is used by Nexus to ensure you choose the right keystore.
Hi @pingunaut i am trying to send the Sms using the Nexmo API. But i am getting this below error
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at sun.security.ssl.Handshaker.processLoop(Unknown Source) at sun.security.ssl.Handshaker.process_record(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) at com.nexmo.client.voice.endpoints.AbstractMethod.execute(AbstractMethod.java:105) at com.nexmo.client.verify.endpoints.VerifyEndpoint.verify(VerifyEndpoint.java:100) at com.nexmo.client.verify.VerifyClient.verify(VerifyClient.java:79) at Nexmo.send2FACode(Nexmo.java:42) at Nexmo.main(Nexmo.java:23) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(Unknown Source) at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) at sun.security.validator.Validator.validate(Unknown Source) at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) ... 26 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) at java.security.cert.CertPathBuilder.build(Unknown Source) ... 32 more
@vaibhavbhanawat01 OK, I think this is a bit off topic... how does this relate to Sonatype Nexus OSS of Atlassian Crowd?
it is not related to Nexus OSS. But i am getting this same error while sending SMS using Nexmo API
OK, unfortunately I don't know the Nexmo API, but the steps above might work for you also, you just have to navigate to the API URL instead of a crowd URL. Otherwise it might bei a good idea to post your problem in a Nexmo related forum or a platform like StackOverflow, because is has basically nothing to do with this repo...
ok thanks @pingunaut
Out internal CROWD has a self signed certificate and I a getting this pretty stacktrace