XMLRPC over SSL returns error: "peer not authenticated"
-
odaata
- Posts: 26
- Joined: Wed Apr 10, 2013 12:34 pm
- Location: Utrecht, Netherlands
XMLRPC over SSL returns error: "peer not authenticated"
Hi,
I recently set up an eXist XML DB server, proxied behind apache2 over HTTPS. I'm able to connect to the server with my web browser with no problem, but when I try to connect to the XMLRPC service with Oxygen, I get the HTTPS error: "peer not authenticated". The certificate I'm using is new, but it was created with a common CA (QuoVadis). I've checked that the CA is listed in the JRE cacerts file under which Oxygen runs. I've also manually installed the certificate following the "Troubleshooting HTTPS" help page, but I'm still getting the error. Any ideas on what might be causing this and how I might fix it?
Thanks in advance for your help!
Mike
I recently set up an eXist XML DB server, proxied behind apache2 over HTTPS. I'm able to connect to the server with my web browser with no problem, but when I try to connect to the XMLRPC service with Oxygen, I get the HTTPS error: "peer not authenticated". The certificate I'm using is new, but it was created with a common CA (QuoVadis). I've checked that the CA is listed in the JRE cacerts file under which Oxygen runs. I've also manually installed the certificate following the "Troubleshooting HTTPS" help page, but I'm still getting the error. Any ideas on what might be causing this and how I might fix it?
Thanks in advance for your help!
Mike
-
adrian
- Posts: 2881
- Joined: Tue May 17, 2005 4:01 pm
Re: XMLRPC over SSL returns error: "peer not authenticated"
Hi,
On what platform are you running Oxygen (Window, Linux, Mac)?
The error seems to indicate that the certificate is still not accepted.
Are you sure the certificate was correctly imported in the Java runtime used by Oxygen in the cacerts file from the correct location?
If the certificate depends on a chain, then the rest of the chain must also be present or imported in the cacerts file.
The easy way out is to configure Oxygen to simply ignore the certificate validity in Options > Preferences, Network Connection Settings > HTTP(S)/WebDAV, "Automatically accept a security certificate, even if invallid".
Please be aware that this means any certificate, more or less genuine, will be accepted.
Regards,
Adrian
On what platform are you running Oxygen (Window, Linux, Mac)?
The error seems to indicate that the certificate is still not accepted.
Are you sure the certificate was correctly imported in the Java runtime used by Oxygen in the cacerts file from the correct location?
If the certificate depends on a chain, then the rest of the chain must also be present or imported in the cacerts file.
The easy way out is to configure Oxygen to simply ignore the certificate validity in Options > Preferences, Network Connection Settings > HTTP(S)/WebDAV, "Automatically accept a security certificate, even if invallid".
Please be aware that this means any certificate, more or less genuine, will be accepted.
Regards,
Adrian
Adrian Buza
<oXygen/> XML Editor, Schema Editor and XSLT Editor/Debugger
http://www.oxygenxml.com
<oXygen/> XML Editor, Schema Editor and XSLT Editor/Debugger
http://www.oxygenxml.com
-
odaata
- Posts: 26
- Joined: Wed Apr 10, 2013 12:34 pm
- Location: Utrecht, Netherlands
Re: XMLRPC over SSL returns error: "peer not authenticated"
Thanks for your help! I'm running it on Ubuntu 14.04. I've also tried turning that option on and I still get the same error. I also thought it might be the server config, so I tried it with and without http authentication on the exist xmlprc servlet, but no difference 
-
adrian
- Posts: 2881
- Joined: Tue May 17, 2005 4:01 pm
Re: XMLRPC over SSL returns error: "peer not authenticated"
Hi,
If it doesn't work with that option set, the problem might be elsewhere.
What version of eXist-db do you have running?
How did you configure the eXist-db connection in Oxygen?
Did you manually configure the data source and connection? Or did you use the connection wizard?
Check if you enabled the option "Use a secure HTTPS connection (SSL)" in your connection config.
Double check the XML DB URI, especially the port.
e.g. xmldb:exist://<host>:8080/exist/xmlrpc
Try using the wizard, Create eXist-db XML connection hyperlink at the top of the Data Sources options panel.
Regards,
Adrian
If it doesn't work with that option set, the problem might be elsewhere.
What version of eXist-db do you have running?
How did you configure the eXist-db connection in Oxygen?
Did you manually configure the data source and connection? Or did you use the connection wizard?
Check if you enabled the option "Use a secure HTTPS connection (SSL)" in your connection config.
Double check the XML DB URI, especially the port.
e.g. xmldb:exist://<host>:8080/exist/xmlrpc
Try using the wizard, Create eXist-db XML connection hyperlink at the top of the Data Sources options panel.
Regards,
Adrian
Adrian Buza
<oXygen/> XML Editor, Schema Editor and XSLT Editor/Debugger
http://www.oxygenxml.com
<oXygen/> XML Editor, Schema Editor and XSLT Editor/Debugger
http://www.oxygenxml.com
-
odaata
- Posts: 26
- Joined: Wed Apr 10, 2013 12:34 pm
- Location: Utrecht, Netherlands
Re: XMLRPC over SSL returns error: "peer not authenticated"
Sorry to take so long to get back to this, but I've been traveling and just didn't have time...
The port was indeed the problem - once I switched it, I stopped getting the 'peer not authenticated' error, and I'm now able to successfully connect over WebDAV, so that is working. However, I'm still getting a "503: Service not available" error when trying to connect via XML-RPC. Have you seen this before? Any ideas what I may have configured incorrectly?
Thanks in advance for your help and Merry Christmas!
Mike
The port was indeed the problem - once I switched it, I stopped getting the 'peer not authenticated' error, and I'm now able to successfully connect over WebDAV, so that is working. However, I'm still getting a "503: Service not available" error when trying to connect via XML-RPC. Have you seen this before? Any ideas what I may have configured incorrectly?
Thanks in advance for your help and Merry Christmas!
Mike
-
odaata
- Posts: 26
- Joined: Wed Apr 10, 2013 12:34 pm
- Location: Utrecht, Netherlands
Re: XMLRPC over SSL returns error: "peer not authenticated"
I figured out what my problem was and I just wanted to update this post, in case others find it helpful...
There was a problem on my server in the way that my SSL certificate was set up - I had neglected to install the root and intermediate certificates for my CA, which was causing the certificates to not be verified.
Additionally, I incorrectly added the following to the XML-RPC servlet configuration in my web.xml file:
This is not recognized by eXist and so it threw the 503 error. Everything is now working fine!
Thanks for your help!
Mike
There was a problem on my server in the way that my SSL certificate was set up - I had neglected to install the root and intermediate certificates for my CA, which was causing the certificates to not be verified.
Additionally, I incorrectly added the following to the XML-RPC servlet configuration in my web.xml file:
Code: Select all
<init-param>
<param-name>useDefaultUser</param-name>
<param-value>true</param-value>
</init-param>Thanks for your help!
Mike
-
Radu
- Posts: 9469
- Joined: Fri Jul 09, 2004 5:18 pm
Re: XMLRPC over SSL returns error: "peer not authenticated"
Hi Mike,
Thanks for also posting a solution for this one.
Happy holidays.
Regards,
Radu
Thanks for also posting a solution for this one.
Happy holidays.
Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com
<oXygen/> XML Editor
http://www.oxygenxml.com