Hi!
The httpdata.lzx example file (from lps-1.0.1) works fine when I don't use ssl.

I set Tomcat up to use an ssl connector and have this:

java.security.cert.CertificateException: Couldn't find trusted certificate

I try to add attribute "secure=true":

<datasource type="http" name="http" secure="true">
<dataset name="swatch" autorequest="true"
src="swatch.xml"/>
</datasource>

but have no results.

Pls help!

Eugene.

Do you actually have a security certificate installed on the server?

-Antun

I haven't security certificate (Verisign from example).
I created a certificate keystore by executing:

keytool -genkey -alias tomcat -keyalg RSA

and and specified a password value of "changeit".

Hi Eugene,

The error message you're getting is happening because LPS doesn't trust the server certificate that's coming from the backend (oddly enough, itself). You'll need to import that certificate into the client side java certificate trust store so that it recognizes the self-signed certificate as trusted. Steps you'll need to take:

-----

# Export the Tomcat certificate you created from your keystore
% keytool -export -keystore .keystore -alias tomcat -file tomcat.cer

# Move this file to the java security directory
% mv tomcat.cer $JAVA_HOME/jre/lib/security

# Go to $JAVA_HOME/jre/lib/security and copy cacerts to jssecacerts. JSSE looks for
# the jssecacerts truststore before cacerts, if it exists. The cacerts truststore has
# certificates for Versign, etc.
% cp cacerts jssecacerts

# Import your tomcat certificate into jssecacerts
% keytool -import -alias tomcat -file tomcat.cer -keystore jssecacerts

# Now stop and start Tomcat.

-----

Rerun your httpdata.lzx example w/secure connection. Let me know if this works for you.

Btw, for more info on JSSE and SSL, check out http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html

Cheers,
pablo

Thank you, Pablo! This work for me fine!

Eugene.

We are experiencing a similar problem with SSL.

Our SOAP over HTTP requests are working fine in Mozilla and Internet Explorer.

However, our SOAP over HTTPS requests are only working in Mozilla, they do not work with Internet Explorer.

We thought it might be our self-signed certs, so we installed real CA trusted certs in case IE didn't like the self-signed ones. No luck.

Has anyone else experienced this?

I solved the problem that warning the message about the certificate.
whith laszlo log defined to debug I can see it acessing my servlet and the xml response. But the ondata event of my dataset is never called!!!

what could be happening?!

xmldata loads all http and https requests... but my in datasets loading data from struts action the ondata event is never called.

Is there some issue with laszlo and struts over https?

dionatan,

Which browser are you using? We've had problems with Internet Explorer, but not with Mozilla.

Barry

No, i using IE, and i need it working under IE.
removing
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
it works.

Understood, I also need to have this working under IE, but if you find that it does work under Mozilla, then it would appear that we are both seeing the same problem.

If we (you and I) can both verify that requests going over HTTP work in both IE and Mozilla, but requests going over HTTPS work on Mozilla but NOT on IE, it might provide some useful hint as to why the problem is occurring.

Hi people,

I am trying to connect to a secure dataset my env included tomcat 5.5, lps3.1.1 and jdk 5.0.
Everything runs fine if i remove secure="true" from code :

<dataset name="loginds" type="http" src="http:/gui/LoginServlet" request="false" secure="true"/>

I have performed all the above steps for placing the self signed certificate in the cacert and jsse steps. But still this is not working. there are no exception and the call doesn't reachup to my LoginServlet. I have a welcome page with url https:localhost:8999/gui this comes up but once i put userid and password and poress submit and post a request to LoginServlet like -

code :
var param=new LzParam(); param.addValue("action","login",true); param.addValue("loginid",user,true); param.addValue("password",pass,true);
canvas.loginds.setQueryString(param,'POST'); canvas.loginds.doRequest();

It doesn't rech up to my servlet.

Any ideas will be greatly appreciated.
regards,
Ankit.

Originally posted by pablo
# Export the Tomcat certificate you created from your keystore
% keytool -export -keystore .keystore -alias tomcat -file tomcat.cer

# Move this file to the java security directory
% mv tomcat.cer $JAVA_HOME/jre/lib/security

# Go to $JAVA_HOME/jre/lib/security and copy cacerts to jssecacerts. JSSE looks for
# the jssecacerts truststore before cacerts, if it exists. The cacerts truststore has
# certificates for Versign, etc.
% cp cacerts jssecacerts

# Import your tomcat certificate into jssecacerts
% keytool -import -alias tomcat -file tomcat.cer -keystore jssecacerts

Instead of export/import of the key you can add
-Djavax.net.ssl.trustStore=path_to_keystore
to the command line of the server.