Users - RMI: CertificateExpiredException

> --- Ursprüngliche Nachricht ---
> Von: "Anna  Schietz" <[hidden email]>
> An: [hidden email]
> Betreff: [OFBiz] Users - RMI: CertificateExpiredException
> Datum: Mon, 20 Feb 2006 13:52:28 +0100 (MET)
>
> hi,
>
> it's me again.. :(
> I didn't find out how to solve my SOAP problem so I decided to use RMI
> instead.
>
>
> Here's my code:
> *******************
> String RMI_URL = "rmi://127.0.0.1:1099/RMIDispatcher";
> Object o = Naming.lookup(RMI_URL);
> rd=(RemoteDispatcher)o;
>
> Map context = new HashMap();
> context.put("productId", "testid");
> Map result=rd.runSync("remoteStoreEntitySyncDataRmi", context);
> *******************
>
> Namking.lookup() returns a RemoteDispatcherImpl_StubRemIdsp and I cast
> this
> to a RemoteDispatcher successfully. But after runSnyc() I get a
> RemoteException:
>
> RemoteException:error during JRMP connection establishment; nested
> exception
> is:
> javax.net.ssl.SSLHandshakeException:
> java.security.cert.CertificateExpiredException: NotAfter: Thu Oct 27
> 22:03:44 CEST 2005
>
> Do you think this is really caused by an expired certificate? If yes: what
> can I do about it? (I don't know where to find it, etc.; the certificate
> that is used in the ecommerce app is valid until 2016 so there have to be
> at
> least 2 different certificates).
>
> Btw: I'm using svn 6670.
>
>
> And here's the service setup:
> <service name="getVariantCombinations" engine="java"
> location="org.ofbiz.product.feature.ProductFeatureServices"
> export="true" auth="false" invoke="getVariantCombinations">
>    <attribute type="String" mode="IN" name="productId" optional="false"/>
>    <attribute type="List" mode="OUT" name="featureCombinations"
> optional="false"/>
> </service>
>
> <service name="remoteGetVariantCombinationsRmi" engine="rmi"
> location="entity-sync-rmi" invoke="getVariantCombinations"
> use-transaction="false" auth="false">
>    <implements service="getVariantCombinations"/>
> </service>
>
> --
> Telefonieren Sie schon oder sparen Sie noch?
> NEU: GMX Phone_Flat http://www.gmx.net/de/go/telefonie
>  
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>

>
> This is an interesting issue for 2 reasons:
>
> 1. It is an expired certificate, and really needs to be updated in SVN.
>
> 2. It is a BOGUS certificate with a BOGUS signing (ie not by any real
> cert authority, ie self signed) and should NOT be used in production
> except perhaps on a private network. You should put in your own
> _real_ certificate for security reasons.
>
> On a side note, you can change the RMI config in the
> serviceengine.xml file to not use encryption. Just look in the same
> package that the encrypted RMI class is defined in and find the
> compressed only class and stick it in the config...
>
> -David
>
>
> On Feb 20, 2006, at 5:52 AM, Anna Schietz wrote:
>
> > hi,
> >
> > it's me again.. :(
> > I didn't find out how to solve my SOAP problem so I decided to use RMI
> > instead.
> >
> >
> > Here's my code:
> > *******************
> > String RMI_URL = "rmi://127.0.0.1:1099/RMIDispatcher";
> > Object o = Naming.lookup(RMI_URL);
> > rd=(RemoteDispatcher)o;
> >
> > Map context = new HashMap();
> > context.put("productId", "testid");
> > Map result=rd.runSync("remoteStoreEntitySyncDataRmi", context);
> > *******************
> >
> > Namking.lookup() returns a RemoteDispatcherImpl_StubRemIdsp and I
> > cast  this
> > to a RemoteDispatcher successfully. But after runSnyc() I get a
> > RemoteException:
> >
> > RemoteException:error during JRMP connection establishment; nested
> > exception
> > is:
> > javax.net.ssl.SSLHandshakeException:
> > java.security.cert.CertificateExpiredException: NotAfter: Thu Oct 27
> > 22:03:44 CEST 2005
> >
> > Do you think this is really caused by an expired certificate? If
> > yes: what
> > can I do about it? (I don't know where to find it, etc.; the
> > certificate
> > that is used in the ecommerce app is valid until 2016 so there have
> > to be at
> > least 2 different certificates).
> >
> > Btw: I'm using svn 6670.
> >
> >
> > And here's the service setup:
> > <service name="getVariantCombinations" engine="java"
> > location="org.ofbiz.product.feature.ProductFeatureServices"
> > export="true" auth="false" invoke="getVariantCombinations">
> >    <attribute type="String" mode="IN" name="productId"
> > optional="false"/>
> >    <attribute type="List" mode="OUT" name="featureCombinations"
> > optional="false"/>
> > </service>
> >
> > <service name="remoteGetVariantCombinationsRmi" engine="rmi"
> > location="entity-sync-rmi" invoke="getVariantCombinations"
> > use-transaction="false" auth="false">
> >    <implements service="getVariantCombinations"/>
> > </service>
> >
> > --
> > Telefonieren Sie schon oder sparen Sie noch?
> > NEU: GMX Phone_Flat http://www.gmx.net/de/go/telefonie
> >
> > _______________________________________________
> > Users mailing list
> > [hidden email]
> > http://lists.ofbiz.org/mailman/listinfo/users
>
>
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>
>
>

> --- Ursprüngliche Nachricht ---
> Von: "Brett Palmer" <[hidden email]>
> An: "OFBiz Users / Usage Discussion" <[hidden email]>
> Betreff: Re: [OFBiz] Users - RMI: CertificateExpiredException
> Datum: Mon, 20 Feb 2006 12:35:10 -0700
>
> Anna,
>
> We have seen the same problem before with expired certificates.  We
> use RMI to communicate between servers.  We generated our own
> certificate to fix the problem you are seeing.  As David mentioned,
> you should really be using your own certificate or a valid signed
> certificate.
>
> Also, remember that the certificate needs to be available on the
> client calling the RMI as well as the server receiving the RMI call.
>
> Brett
>
> On 2/20/06, David E. Jones <[hidden email]> wrote:
> >
> > This is an interesting issue for 2 reasons:
> >
> > 1. It is an expired certificate, and really needs to be updated in SVN.
> >
> > 2. It is a BOGUS certificate with a BOGUS signing (ie not by any real
> > cert authority, ie self signed) and should NOT be used in production
> > except perhaps on a private network. You should put in your own
> > _real_ certificate for security reasons.
> >
> > On a side note, you can change the RMI config in the
> > serviceengine.xml file to not use encryption. Just look in the same
> > package that the encrypted RMI class is defined in and find the
> > compressed only class and stick it in the config...
> >
> > -David
> >
> >
> > On Feb 20, 2006, at 5:52 AM, Anna Schietz wrote:
> >
> > > hi,
> > >
> > > it's me again.. :(
> > > I didn't find out how to solve my SOAP problem so I decided to use RMI
> > > instead.
> > >
> > >
> > > Here's my code:
> > > *******************
> > > String RMI_URL = "rmi://127.0.0.1:1099/RMIDispatcher";
> > > Object o = Naming.lookup(RMI_URL);
> > > rd=(RemoteDispatcher)o;
> > >
> > > Map context = new HashMap();
> > > context.put("productId", "testid");
> > > Map result=rd.runSync("remoteStoreEntitySyncDataRmi", context);
> > > *******************
> > >
> > > Namking.lookup() returns a RemoteDispatcherImpl_StubRemIdsp and I
> > > cast  this
> > > to a RemoteDispatcher successfully. But after runSnyc() I get a
> > > RemoteException:
> > >
> > > RemoteException:error during JRMP connection establishment; nested
> > > exception
> > > is:
> > > javax.net.ssl.SSLHandshakeException:
> > > java.security.cert.CertificateExpiredException: NotAfter: Thu Oct 27
> > > 22:03:44 CEST 2005
> > >
> > > Do you think this is really caused by an expired certificate? If
> > > yes: what
> > > can I do about it? (I don't know where to find it, etc.; the
> > > certificate
> > > that is used in the ecommerce app is valid until 2016 so there have
> > > to be at
> > > least 2 different certificates).
> > >
> > > Btw: I'm using svn 6670.
> > >
> > >
> > > And here's the service setup:
> > > <service name="getVariantCombinations" engine="java"
> > > location="org.ofbiz.product.feature.ProductFeatureServices"
> > > export="true" auth="false" invoke="getVariantCombinations">
> > >    <attribute type="String" mode="IN" name="productId"
> > > optional="false"/>
> > >    <attribute type="List" mode="OUT" name="featureCombinations"
> > > optional="false"/>
> > > </service>
> > >
> > > <service name="remoteGetVariantCombinationsRmi" engine="rmi"
> > > location="entity-sync-rmi" invoke="getVariantCombinations"
> > > use-transaction="false" auth="false">
> > >    <implements service="getVariantCombinations"/>
> > > </service>
> > >
> > > --
> > > Telefonieren Sie schon oder sparen Sie noch?
> > > NEU: GMX Phone_Flat http://www.gmx.net/de/go/telefonie
> > >
> > > _______________________________________________
> > > Users mailing list
> > > [hidden email]
> > > http://lists.ofbiz.org/mailman/listinfo/users
> >
> >
> >
> >
> > _______________________________________________
> > Users mailing list
> > [hidden email]
> > http://lists.ofbiz.org/mailman/listinfo/users
> >
> >
> >
>  
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>