Hyland Connect

Thansk for fast reply,

alfresco.log gives no output after failed login and catalina.out isn't available. The only log is in share.log and says something about "PKIX path building failed". So i checked the certificates and testet some troubleshootings but it doesn't help (reinstalled the certificates, checked all paths in configurationdata).

To install an apache in front of alfresco is the last option for us. The better way for us is to find a way without an additional apache.

Thanks for reply,

our alfresco is located in our intranet and should not be visible from the outside.

Please correct me if i'm wrong but i think we don't need a proxy for this. But alfresco should be only available over https.

We added following to the server.xml

<Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           URIEncoding="UTF-8"
           enableLookups="false"
           redirectPort="1443" />

    <Connector port="80" protocol="HTTP/1.1"
           connectionTimeout="20000"
           URIEncoding="UTF-8"
           enableLookups="false"
           redirectPort="1443" />

    <Connector port="1443" URIEncoding="UTF-8"
    protocol="org.apache.coyote.http11.Http11Protocol"  
    SSLEnabled="true" maxThreads="150" scheme="https"  
    keystoreFile="path"
    keystorePass="password"  
    keystoreType="JCEKS"  
    secure="true" connectionTimeout="240000"  
    clientAuth="false"  
    sslProtocol="TLS"
    allowUnsafeLegacyRenegotiation="true"  
    maxHttpHeaderSize="32768"
    sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1,SSLv2Hello" />

and it's working until we add the redirect to web.xml. We followed the instruction for configuring SSL in a test environment except the redirect in the web.xml which we need to prevent connections over http.

Hi ,

I was able to reproduce the issue- in below screenshot and logs - check the below link 

And it is not alfresco issue rather - ssl(JavaEE) issue. Need to try different values or a string with path for your page etc... hit and trial

Alfresco HTTPS setup - Blog - eCommerce Solutions, Document and Content Management 

Also try with 

http://docs.adaptivecomputing.com/viewpoint/7-2-6/hpc/Content/topics/1-setup/securityConfiguration/m... 

Forcing SSL for sections of your website - Metawerx Java Wiki 

---------------------------------------------------------------------------------------------------------------------------------- I got this issue as below:

at java.lang.Thread.run(Unknown Source)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 74 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)

Thanks!

i followed the instruction but now i get the error message even without the redirect.

I'll check my settings and go on with testing.

After restarting alfresco there some new ErrorMessages in alfresco.log :

ERROR [org.hibernate.transaction.JDBCTransaction] [http-bio-8443-exec-15] JDBC rollback failed
org.postgresql.util.PSQLException: This connection has been closed.

ERROR [org.alfresco.util.transaction.SpringAwareUserTransaction] [http-bio-8443-exec-15] Application exception overridden by rollback exception
java.lang.Exception

RROR [org.alfresco.repo.transaction.RetryingTransactionHelper] [http-bio-8443-exec-15] Rollback failure.  Normal retry behaviour will resume.
org.springframework.transaction.TransactionSystemException: Could not roll back Hibernate transaction; nested exception is org.hibernate.TransactionException: JDBC rollback failed

and in solr.log:

ERROR [org.alfresco.solr.tracker.AbstractTracker] Tracking failed
java.net.SocketException: Socket Closed

ERROR [org.alfresco.solr.tracker.AbstractTracker] Tracking failed
java.net.SocketException: Socket Closed

Hi Katharina,

Can you please check that when you stopped the server the postgresql had stopped . You can ensure that from services.msc 

Looks like a mismatch in the indexes causing this.

Just do a full SOR reindex , which is nothing but just delete the SOLR4 directory and then restart the alfresco.

alf_data/solr4

The complete detail to do a full reindex is as below link:

Performing a full reindex with Solr | Alfresco Documentation 

Hi Ranjeet,

the alfresco.log and solr.log are clean now, thanks!

But old Problem in share.log:

Error status 500 sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I've seen that the cacert has only one entry, my own certificate, is this a problem?