#11137 closed enhancement (wontfix)
Connecting with WMS using self-signed certificate
| Reported by: | anonymous | Owned by: | team |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | Core imagery | Version: | latest |
| Keywords: | template_report, wms, ssl | Cc: |
Description
What steps will reproduce the problem?
- Add wms with self-signed/not verified (?) certificate
What happens instead?
First problem: WMS don't working, red tiles.
Second problem: Error when got 302 redirect
http://emuia.gugik.gov.pl:80/
redirecting 302 to
https://emuia.gugik.gov.pl/
1. wms:http://emuia.gugik.gov.pl:80/wmsproxy/emuia/wms?SERVICE=WMS&FORMAT=image/png&TRANSPARENT=TRUE&VERSION=1.1.1&SERVICE=WMS&REQUEST=GetMap&LAYERS=emuia:layer_miejscowosci_granica&STYLES=&SRS={proj}&WIDTH={width}&HEIGHT={height}&BBOX={bbox}
Last errors/warnings: - E: java.io.IOException: . Przyczyna: org.xml.sax.SAXParseException: Premature end of file. - E: java.io.IOException: . Przyczyna: org.xml.sax.SAXParseException: Premature end of file. - E: java.io.IOException: . Przyczyna: org.xml.sax.SAXParseException: Premature end of file. - E: java.io.IOException: . Przyczyna: org.xml.sax.SAXParseException: Premature end of file. - E: java.io.IOException: . Przyczyna: org.xml.sax.SAXParseException: Premature end of file.
2. wms:https://emuia.gugik.gov.pl/wmsproxy/emuia/wms?SERVICE=WMS&FORMAT=image/png&TRANSPARENT=TRUE&VERSION=1.1.1&SERVICE=WMS&REQUEST=GetMap&LAYERS=emuia:layer_miejscowosci_granica&STYLES=&SRS={proj}&WIDTH={width}&HEIGHT={height}&BBOX={bbox}
Last errors/warnings: - E: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target - E: java.io.IOException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target - E: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target - E: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target - E: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Przyczyna: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
1. wms_endpoint:http://emuia.gugik.gov.pl:80/
Last errors/warnings: - E: java.io.IOException: . Przyczyna: org.xml.sax.SAXParseException: Premature end of file. - E: Could not parse WMS layer list. Incoming data:
2. wms_endpoint:https://emuia.gugik.gov.pl/
Only show message "cannot download layers list" and in terminal:
INFO: GET https://emuia.gugik.gov.pl/wmsproxy/emuia/wms?VERSION=1.1.1&SERVICE=WMS&REQUEST=GetCapabilities
When I add SSL key to cacerts keystore then first problem not exist, but it is too hard for newbies.
Repository Root: http://josm.openstreetmap.de/svn Build-Date: 2015-02-18 12:05:51 Last Changed Author: Don-vip Revision: 8081 Repository UUID: 0c6e7542-c601-0410-84e7-c038aed88b3b Relative URL: ^/trunk URL: http://josm.openstreetmap.de/svn/trunk Last Changed Date: 2015-02-17 23:11:29 +0100 (Tue, 17 Feb 2015) Last Changed Rev: 8081 Identification: JOSM/1.5 (8081 pl) Linux Ubuntu 14.04.2 LTS Memory Usage: 296 MB / 869 MB (149 MB allocated, but free) Java version: 1.7.0_75, Oracle Corporation, OpenJDK 64-Bit Server VM Java package: openjdk-7-jre:amd64-7u75-2.5.4-1~trusty1 Dataset consistency test: No problems found Plugins: - CADTools (1003) - InfoMode (30892) - OpeningHoursEditor (30962) - PicLayer (30962) - editgpx (30892) - photo_geotagging (30967) - photoadjust (30964) - reverter (30990) - tag2link (30962)
Attachments (0)
Change History (5)
comment:1 by , 11 years ago
| Type: | defect → enhancement |
|---|
follow-up: 3 comment:2 by , 11 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
comment:3 by , 11 years ago
Replying to Don-vip:
From government I received reply just "please refresh page". But I was talking about wms... Next mails from me has been ignored.
What about second problem?
Second problem: Error when got 302 redirect
comment:4 by , 11 years ago
that's the same problem as the server redirects to https.
You should try to get in contact directly with technical staff administering the WMS. The support team that replied to you has probably no idea what you were talking about.
comment:5 by , 11 years ago
But that was technical support :D, I received contact info to they from normal support. In Monday I try contact again using phone number.
that's the same problem as the server redirects to https.
When I add key to keystore then https. But from server I receive list with [layers over http] (and when connecting they redirect to https) and must manually change urls http -> https to make it working.
Replying to anonymous:
There is no simpler solution. You should contact your government agency and tell them either to open http access or use a real certificate.