Announcement

Collapse
No announcement yet.

certification path issue with OXtender for Business Mobility

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • certification path issue with OXtender for Business Mobility

    Hello,

    After having successfully installed and used OXtender for Business Mobility (both the beta version and the release), we had to provide a new alias for our Open-Xchange server, and we have associated a new certificate to this new machine alias (we are using https).

    Since then, use of OXtender for Business Mobility fails will the following log:

    FINE: HTTP POST command:FolderSync, user:myuser, deviceId:Appl879786L8Y7H, deviceType:iPhone
    Oct 1, 2009 1:35:50 PM com.openexchange.usm.ox_json.impl.OXJSONAccessImpl login
    WARNING: 0:0:myuser:EAS:Appl879786L8Y7H Error while authenticating
    18000e: com.openexchange.usm.api.exceptions.OXCommunicatio nException: Exception occurred during communication with OX server
    at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .executeMethodOnce(OXJSONAccessImpl.java:315)
    at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .performLogin(OXJSONAccessImpl.java:93)
    at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .login(OXJSONAccessImpl.java:55)
    at com.openexchange.usm.ox_json.impl.OXJSONAccessServ ice.login(OXJSONAccessService.java:58)
    at com.openexchange.usm.session.impl.SessionManagerIm pl.getSession(SessionManagerImpl.java:137)
    at com.openexchange.usm.session.impl.SessionManagerSe rvice.getSession(SessionManagerService.java:26)
    at com.openexchange.usm.eas.servlet.EASServlet.handle Request(EASServlet.java:421)
    at com.openexchange.usm.eas.servlet.EASServlet.doPost (EASServlet.java:310)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:616)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:689)
    at com.openexchange.ajp13.najp.AJPv13RequestHandlerIm pl.doServletService(AJPv13RequestHandlerImpl.java: 433)
    at com.openexchange.ajp13.AJPv13Request.response(AJPv 13Request.java:128)
    at com.openexchange.ajp13.najp.AJPv13RequestHandlerIm pl.createResponse(AJPv13RequestHandlerImpl.java:28 6)
    at com.openexchange.ajp13.najp.AJPv13ConnectionImpl.c reateResponse(AJPv13ConnectionImpl.java:189)
    at com.openexchange.ajp13.najp.AJPv13Task.run(AJPv13T ask.java:281)
    at java.util.concurrent.Executors$RunnableAdapter.cal l(Executors.java:417)
    at java.util.concurrent.FutureTask$Sync.innerRun(Futu reTask.java:269)
    at java.util.concurrent.FutureTask.run(FutureTask.jav a:123)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run Task(ThreadPoolExecutor.java:650)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:675)
    at java.lang.Thread.run(Thread.java:595)
    Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderE xception: unable to find valid certification path to requested target
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Alerts.java:150)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(S SLSocketImpl.java:1584)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:174)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:168)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:848)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.proc essMessage(ClientHandshaker.java:106)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoo p(Handshaker.java:495)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_re cord(Handshaker.java:433)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(SSLSocketImpl.java:877)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(SSLSocketImpl.java:1089)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRe cord(SSLSocketImpl.java:618)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write (AppOutputStream.java:59)
    at java.io.BufferedOutputStream.flushBuffer(BufferedO utputStream.java:65)
    at java.io.BufferedOutputStream.flush(BufferedOutputS tream.java:123)
    at org.apache.commons.httpclient.methods.EntityEnclos ingMethod.writeRequestBody(EntityEnclosingMethod.j ava:506)
    at org.apache.commons.httpclient.HttpMethodBase.write Request(HttpMethodBase.java:2114)
    at org.apache.commons.httpclient.HttpMethodBase.execu te(HttpMethodBase.java:1096)
    at org.apache.commons.httpclient.HttpMethodDirector.e xecuteWithRetry(HttpMethodDirector.java:398)
    at org.apache.commons.httpclient.HttpMethodDirector.e xecuteMethod(HttpMethodDirector.java:171)
    at org.apache.commons.httpclient.HttpClient.executeMe thod(HttpClient.java:397)
    at org.apache.commons.httpclient.HttpClient.executeMe thod(HttpClient.java:323)
    at com.openexchange.usm.ox_json.impl.OXJSONAccessImpl .executeMethodOnce(OXJSONAccessImpl.java:304)
    ... 20 more
    Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderE xception: unable to find valid certification path to requested target
    at sun.security.validator.PKIXValidator.doBuild(PKIXV alidator.java:221)
    at sun.security.validator.PKIXValidator.engineValidat e(PKIXValidator.java:145)
    at sun.security.validator.Validator.validate(Validato r.java:203)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkServerTrusted(X509TrustManagerImpl.java:172)
    at com.sun.net.ssl.internal.ssl.JsseX509TrustManager. checkServerTrusted(SSLContextImpl.java:320)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:841)
    ... 37 more


    The new certificate is signed by an internal certificate authority, so I have added this new authority to the list of trusted authorities using keytool:

    keytool -import -file myauth.crt -trustcacerts -keystore /usr/lib/jvm/java-1.5.0-sun/jre/lib/security/cacerts -alias my-auth

    It doesn't seem to help.

    Any help will be appreciated.

    Kind regards,

    Michaƫl
Working...
X