Tweet
Hello,
After having successfully installed and used OXtender for Business Mobility (both the beta version and the release), we had to provide a new alias for our Open-Xchange server, and we have associated a new certificate to this new machine alias (we are using https).
Since then, use of OXtender for Business Mobility fails will the following log:
FINE: HTTP POST command:FolderSync, user:myuser, deviceId:Appl879786L8Y7H, deviceType:iPhone
Oct 1, 2009 1:35:50 PM com.openexchange.usm.ox_json.impl.OXJSONAccessImpl login
WARNING: 0:0:myuser:EAS:Appl879786L8Y7H Error while authenticating
18000e: com.openexchange.usm.api.exceptions.OXCommunicatio nException: Exception occurred during communication with OX server
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .executeMethodOnce(OXJSONAccessImpl.java:315)
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .performLogin(OXJSONAccessImpl.java:93)
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .login(OXJSONAccessImpl.java:55)
at com.openexchange.usm.ox_json.impl.OXJSONAccessServ ice.login(OXJSONAccessService.java:58)
at com.openexchange.usm.session.impl.SessionManagerIm pl.getSession(SessionManagerImpl.java:137)
at com.openexchange.usm.session.impl.SessionManagerSe rvice.getSession(SessionManagerService.java:26)
at com.openexchange.usm.eas.servlet.EASServlet.handle Request(EASServlet.java:421)
at com.openexchange.usm.eas.servlet.EASServlet.doPost (EASServlet.java:310)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:616)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:689)
at com.openexchange.ajp13.najp.AJPv13RequestHandlerIm pl.doServletService(AJPv13RequestHandlerImpl.java: 433)
at com.openexchange.ajp13.AJPv13Request.response(AJPv 13Request.java:128)
at com.openexchange.ajp13.najp.AJPv13RequestHandlerIm pl.createResponse(AJPv13RequestHandlerImpl.java:28 6)
at com.openexchange.ajp13.najp.AJPv13ConnectionImpl.c reateResponse(AJPv13ConnectionImpl.java:189)
at com.openexchange.ajp13.najp.AJPv13Task.run(AJPv13T ask.java:281)
at java.util.concurrent.Executors$RunnableAdapter.cal l(Executors.java:417)
at java.util.concurrent.FutureTask$Sync.innerRun(Futu reTask.java:269)
at java.util.concurrent.FutureTask.run(FutureTask.jav a:123)
at java.util.concurrent.ThreadPoolExecutor$Worker.run Task(ThreadPoolExecutor.java:650)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:675)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderE xception: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Alerts.java:150)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(S SLSocketImpl.java:1584)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:174)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:168)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:848)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.proc essMessage(ClientHandshaker.java:106)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoo p(Handshaker.java:495)
at com.sun.net.ssl.internal.ssl.Handshaker.process_re cord(Handshaker.java:433)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(SSLSocketImpl.java:877)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(SSLSocketImpl.java:1089)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRe cord(SSLSocketImpl.java:618)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write (AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedO utputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputS tream.java:123)
at org.apache.commons.httpclient.methods.EntityEnclos ingMethod.writeRequestBody(EntityEnclosingMethod.j ava:506)
at org.apache.commons.httpclient.HttpMethodBase.write Request(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execu te(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.e xecuteWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.e xecuteMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMe thod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMe thod(HttpClient.java:323)
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .executeMethodOnce(OXJSONAccessImpl.java:304)
... 20 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderE xception: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXV alidator.java:221)
at sun.security.validator.PKIXValidator.engineValidat e(PKIXValidator.java:145)
at sun.security.validator.Validator.validate(Validato r.java:203)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkServerTrusted(X509TrustManagerImpl.java:172)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager. checkServerTrusted(SSLContextImpl.java:320)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:841)
... 37 more
The new certificate is signed by an internal certificate authority, so I have added this new authority to the list of trusted authorities using keytool:
keytool -import -file myauth.crt -trustcacerts -keystore /usr/lib/jvm/java-1.5.0-sun/jre/lib/security/cacerts -alias my-auth
It doesn't seem to help.
Any help will be appreciated.
Kind regards,
Michaƫl
After having successfully installed and used OXtender for Business Mobility (both the beta version and the release), we had to provide a new alias for our Open-Xchange server, and we have associated a new certificate to this new machine alias (we are using https).
Since then, use of OXtender for Business Mobility fails will the following log:
FINE: HTTP POST command:FolderSync, user:myuser, deviceId:Appl879786L8Y7H, deviceType:iPhone
Oct 1, 2009 1:35:50 PM com.openexchange.usm.ox_json.impl.OXJSONAccessImpl login
WARNING: 0:0:myuser:EAS:Appl879786L8Y7H Error while authenticating
18000e: com.openexchange.usm.api.exceptions.OXCommunicatio nException: Exception occurred during communication with OX server
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .executeMethodOnce(OXJSONAccessImpl.java:315)
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .performLogin(OXJSONAccessImpl.java:93)
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .login(OXJSONAccessImpl.java:55)
at com.openexchange.usm.ox_json.impl.OXJSONAccessServ ice.login(OXJSONAccessService.java:58)
at com.openexchange.usm.session.impl.SessionManagerIm pl.getSession(SessionManagerImpl.java:137)
at com.openexchange.usm.session.impl.SessionManagerSe rvice.getSession(SessionManagerService.java:26)
at com.openexchange.usm.eas.servlet.EASServlet.handle Request(EASServlet.java:421)
at com.openexchange.usm.eas.servlet.EASServlet.doPost (EASServlet.java:310)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:616)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:689)
at com.openexchange.ajp13.najp.AJPv13RequestHandlerIm pl.doServletService(AJPv13RequestHandlerImpl.java: 433)
at com.openexchange.ajp13.AJPv13Request.response(AJPv 13Request.java:128)
at com.openexchange.ajp13.najp.AJPv13RequestHandlerIm pl.createResponse(AJPv13RequestHandlerImpl.java:28 6)
at com.openexchange.ajp13.najp.AJPv13ConnectionImpl.c reateResponse(AJPv13ConnectionImpl.java:189)
at com.openexchange.ajp13.najp.AJPv13Task.run(AJPv13T ask.java:281)
at java.util.concurrent.Executors$RunnableAdapter.cal l(Executors.java:417)
at java.util.concurrent.FutureTask$Sync.innerRun(Futu reTask.java:269)
at java.util.concurrent.FutureTask.run(FutureTask.jav a:123)
at java.util.concurrent.ThreadPoolExecutor$Worker.run Task(ThreadPoolExecutor.java:650)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:675)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderE xception: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Alerts.java:150)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(S SLSocketImpl.java:1584)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:174)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:168)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:848)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.proc essMessage(ClientHandshaker.java:106)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoo p(Handshaker.java:495)
at com.sun.net.ssl.internal.ssl.Handshaker.process_re cord(Handshaker.java:433)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(SSLSocketImpl.java:877)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(SSLSocketImpl.java:1089)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRe cord(SSLSocketImpl.java:618)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write (AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedO utputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputS tream.java:123)
at org.apache.commons.httpclient.methods.EntityEnclos ingMethod.writeRequestBody(EntityEnclosingMethod.j ava:506)
at org.apache.commons.httpclient.HttpMethodBase.write Request(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execu te(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.e xecuteWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.e xecuteMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMe thod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMe thod(HttpClient.java:323)
at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .executeMethodOnce(OXJSONAccessImpl.java:304)
... 20 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderE xception: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXV alidator.java:221)
at sun.security.validator.PKIXValidator.engineValidat e(PKIXValidator.java:145)
at sun.security.validator.Validator.validate(Validato r.java:203)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkServerTrusted(X509TrustManagerImpl.java:172)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager. checkServerTrusted(SSLContextImpl.java:320)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:841)
... 37 more
The new certificate is signed by an internal certificate authority, so I have added this new authority to the list of trusted authorities using keytool:
keytool -import -file myauth.crt -trustcacerts -keystore /usr/lib/jvm/java-1.5.0-sun/jre/lib/security/cacerts -alias my-auth
It doesn't seem to help.
Any help will be appreciated.
Kind regards,
Michaƫl