Hi all,
I'm trying to access UPS and FedEx servers (ofbiz1104) and get certificate errors; the ofbizssl.jks file is located in base/config.
An error I see is:
2012-10-17 13:14:50,629 (http-0.0.0.0-8080-4) [ HttpClient.java:490:WARN ] Certificate error when accessing url [
https://wwwcie.ups.com/ups.app/xml/Rate]: No trusted certificate found
If I list certs in the ofbizssl.jks keystore, I see:
Alias name: wwwcie.ups.com (verisign class 3 secure server ca - g3)
Creation date: Oct 12, 2012
Entry type: trustedCertEntry
Owner: CN=wwwcie.ups.com, OU=J2EE, O=United Parcel Service, L=Mahwah, ST=New Jersey, C=US
Issuer: CN=VeriSign Class 3 Secure Server CA - G3, OU=Terms of use at
https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Serial number: ...
Valid from: Thu Mar 01 16:00:00 PST 2012 until: Mon Apr 11 16:59:59 PDT 2016
Certificate fingerprints:
...
Signature algorithm name: SHA1withRSA
Version: 3
I tried exporting/reimporting to another .jks… no errors, all keys imported, but the new .jks doesn't work, either.
One curious thing I've discovered: if I put a dummy env var into the keystoreFile value (in ofbiz-containers) such as "${flum}/...", I see an error in the log saying it can't find the path ".../runtime/catalina/${flum}/...". I tried putting a copy of the keystore in runtime/catalina/framework/base/config, but that didn't help.
Thanks,
Jeff