HEy guys,
I am just testing the UPS implementation. I get an log error that the certificate is not trusted. Is a fully trusted cert needed? Cause I am still on testings and implementations, and do not want to put the site online on a real TLD. So I am working from localhost, so its difficult to get a cert for localhost :) Is that the reason for the UPS error, or should UPS work without an SSL Cert, so that I can test it? 3396933 [http-bio-0.0.0.0-443-exec-20] WARN org.ofbiz.base.util.HttpClient - ---- exception report ---------------------------------------------------------- Exception: java.security.cert.CertificateException Message: No trusted certificate found ---- stack trace --------------------------------------------------------------- java.security.cert.CertificateException: No trusted certificate found org.ofbiz.base.util.MultiTrustManager.checkServerTrusted(MultiTrustManager.java:70) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1160) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) sun.security.ssl.Handshaker.processLoop(Handshaker.java:609) sun.security.ssl.Handshaker.process_record(Handshaker.java:545) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:963) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1208) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1235) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1219) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:440) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:979) sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) org.ofbiz.base.util.HttpClient.sendHttpRequestStream(HttpClient.java:478) org.ofbiz.base.util.HttpClient.sendHttpRequestStream(HttpClient.java:398) org.ofbiz.base.util.HttpClient.sendHttpRequest(HttpClient.java:340) org.ofbiz.base.util.HttpClient.post(HttpClient.java:260) org.ofbiz.shipment.thirdparty.ups.UpsServices.sendUpsRequest(UpsServices.java:1991) org.ofbiz.shipment.thirdparty.ups.UpsServices.upsShipmentConfirm(UpsServices.java:648) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:616) ....end so on ... |
edit:
the error ends with the following: 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - Trusting (un-trusted) server certificate chain: 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - ---- CN=wwwcie.ups.com,OU=J2EE,O=United Parcel Service,L=Mahwah,ST=New Jersey,C=US valid: Tue Apr 12 01:59:59 CEST 2016 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - ---- CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US valid: Sat Feb 08 00:59:59 CET 2020 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - ---- CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US valid: Mon Nov 08 00:59:59 CET 2021 3398427 [http-bio-0.0.0.0-443-exec-20] ERROR org.ofbiz.service.ServiceDispatcher - Error in Service [upsShipmentConfirm]: FacilityShipmentUpsShipmentConfirmFailed, FacilityShipmentUpsErrorMessage. 3398474 [http-bio-0.0.0.0-443-exec-20] ERROR org.ofbiz.webapp.control.RequestHandler - Request upsShipmentConfirm caused an error with the following message: [FacilityShipmentUpsShipmentConfirmFailed, FacilityShipmentUpsErrorMessage. ] |
Hi,
Generally this happens when no root CA certificate is found in JDK key store. This also means if UPS server is not using a certificate sign by well known CA, you will see this error. One way to verify the certificates to open the URL you are trying to connect in the browser and check if you see an error. If you do, it means this certificate s either self signed or not signed by well known CA or the Root CA is missing even in the browser certificate store. To make it work in test environment (This is not advised for production), you can export the certificate with browser export function and then import it in your JDK using keytool. Thanks, Raj On Monday 04 March 2013 08:22 PM, Robert G. wrote: > edit: > > the error ends with the following: > / > 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - > Trusting (un-trusted) server certificate chain: > 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - > ---- CN=wwwcie.ups.com,OU=J2EE,O=United Parcel Service,L=Mahwah,ST=New > Jersey,C=US valid: Tue Apr 12 01:59:59 CEST 2016 > 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - > ---- CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at > https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O=VeriSign\, > Inc.,C=US valid: Sat Feb 08 00:59:59 CET 2020 > 3397373 [http-bio-0.0.0.0-443-exec-20] INFO org.ofbiz.base.util.SSLUtil - > ---- CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) > 2006 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust > Network,O=VeriSign\, Inc.,C=US valid: Mon Nov 08 00:59:59 CET 2021 > 3398427 [http-bio-0.0.0.0-443-exec-20] ERROR > org.ofbiz.service.ServiceDispatcher - Error in Service [upsShipmentConfirm]: > FacilityShipmentUpsShipmentConfirmFailed, FacilityShipmentUpsErrorMessage. > 3398474 [http-bio-0.0.0.0-443-exec-20] ERROR > org.ofbiz.webapp.control.RequestHandler - Request upsShipmentConfirm caused > an error with the following message: > [FacilityShipmentUpsShipmentConfirmFailed, FacilityShipmentUpsErrorMessage. > ] > / > > > > -- > View this message in context: http://ofbiz.135035.n4.nabble.com/UPS-connection-SSL-Certificate-Error-tp4639681p4639682.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > |
I see, thank you.
The problem is, that I am working localy, so the certificate would not fit to my localhost, so this is not trusted eather. What can I do? Or do I really have to put it on my TLD and buy the cert, cause I think a self signed is not trusted as well. |
In reply to this post by Rajbir Saini
hey guys,
it seems that it works also without the encryption. The error still occurs but I am a step further. Now I get the error from UPS: Error in Service [upsShipmentConfirm]: The UPS ShipmentConfirm failed, An error occurred [code:120542] with severity Hard: Package/ReferenceNumber is not allowed for this shipment. I ship from Germany to a destination in germany. SO it says me that a reference number is not allowed. I use the service code 11 for standard shippment. In production environment we still use Worldship 12 and we can set reference numbers there for standard service, so what is going wrong here? do someone know sth? |
UPS just told me, that the ref no. on xml package layer is only valid for US, so I have to us the shippment layer in xml.
thats it |
Free forum by Nabble | Edit this page |