2018 Sep 04 12:58 PM - edited 2024 Feb 04 6:47 AM
Hi All,
I want to enable https connection between datahub and hybris. I followed steps given in : https://help.hybris.com/6.7.0/hcd/1dec8042f1944a9fb090967ebe770ceb.html
I tried adding datahub certificate to keystore as well as given in : https://help.hybris.com/6.7.0/hcd/e840eaa7eb374cc5ad6dee48eca81d97.html
In hybris console I am still getting error like:
Data Hub @ https://localhost:8443/datahub-webapp/v1 is not running because: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Any help is appreciated!
Sid
Request clarification before answering.
Hi All,
I am able to resolve the issue by using truststore.jks on both side.
Firstly, I created a cert file from truststore.jks and added this cert file to the trusted keystore in jre.
I used below properties in hybris side:
additional.javax.net.ssl.trustStore=${platformhome}/resources/devcerts/truststore.jks additional.javax.net.ssl.trustStorePassword=123456
In datahub side , I used :
datahub.security.ssl.trustStore=file\:C:/Tomcat_8.5.33/apache-tomcat-8.5.33/webapps/datahub-webapp/WEB-INF/classes/truststore.jks datahub.security.ssl.trustStorePassword=123456
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sid,
it's hard to recommend anything specific based on the information you provided in the question. It's unclear whether you:
used a signed certificate or a self-issued certificate
added the certificate to the standard JRE keystore or to the custom DataHub store
Generally that error indicates that a matching certificate is not found. That may be because the added certificate name does not match the host name in your URLs; self-signed certificate was not added as trusted certificate; the certificate was added to a wrong key store, e.g. to the JRE store while DataHub is configured to use custom keystore. If you just copied the commands from the documents and executed them without adjusting the JRE paths, it's possible your JRE version is different and the path should be different.
Because, there are so many things, which might have gone wrong, all that can be recommended now is to learn more about SSL and to understand how it works with Java. There are plenty documents and troubleshooting advices on the net for that.
Setting up a certificate in the JRE may be simpler, because custom DataHub keystore adds another level of complexity. Once you got it working with the JRE, then you can move the certificate to the custom keystore. Also, try to configure the SSL in tomcat and add the certificates, then just hit DataHub and/or the hybris platform over HTTPS from a web browser. That should be simper to resolve. Once you can do that, then attempt configuring DataHub/platform to talk to each other.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
19 | |
17 | |
3 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.