RE: Configuring SSL for Jigsaw 2.2.4

Previous Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

RE: Configuring SSL for Jigsaw 2.2.4

Faisal Javeed

I did use the -keyalg RSA option to generate the certificate.
Is it neccessary to given relative paths in the prop files, right now i m using absolute paths.

This is my https-server file

#Updated by Install
#Wed Oct 26 12:21:21 GMT+05:00 2005
org.w3c.jigsaw.http.socket.SocketClientFactory.maxClients=30
org.w3c.jigsaw.request.timeout=3000000
org.w3c.jigsaw.client.bufsize=8192
org.w3c.jigsaw.serializer=org.w3c.tools.resources.serialization.xml.XMLSerializer
org.w3c.jigsaw.port=443
org.w3c.jigsaw.http.socket.SocketClientFactory.maxThreads=85
org.w3c.jigsaw.client.priority=5
org.w3c.jigsaw.trashdir=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\trash
org.w3c.jigsaw.root=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw
org.w3c.jigsaw.root.name=root
org.w3c.jigsaw.server=Jigsaw/2.2.4
org.w3c.jigsaw.docurl=/Doc/Reference
org.w3c.www.protocol.http.filters=
org.w3c.jigsaw.root.class=org.w3c.jigsaw.resources.DirectoryResource
org.w3c.jigsaw.checkpointer=/Admin/Checkpointer
org.w3c.jigsaw.checkSensitivity=true
org.w3c.jigsaw.propfile=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\config\\https-server.props
org.w3c.jigsaw.space=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\www
org.w3c.jigsaw.keepAlive=true
org.w3c.jigsaw.version.counter=4
org.w3c.jigsaw.http.socket.SocketClientFactory.maxFree=15
org.w3c.jigsaw.config=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\config
org.w3c.jigsaw.edit.root=root
org.w3c.jigsaw.logger=org.w3c.jigsaw.http.CommonLogger
org.w3c.jigsaw.ssl.enabled=true
# Points to the key store (cf. 4. above, don't forget to put the full path to the keystore)
org.w3c.jigsaw.ssl.keystore.path=D:\IntechSW_Group\WES\Current\Deployment\WES\WS\Jigsaw\jigsaw\keystore\intechww.keystore
# Supplies the password for accessing the key store ...
org.w3c.jigsaw.ssl.keystore.password=temppass
# Finally, the socket client factory has to be set to the SSL factory ...
org.w3c.jigsaw.http.ClientFactory=org.w3c.jigsaw.https.socket.SSLSocketClientFactory



server-props.file

org.w3c.jigsaw.daemon.handlers=https-server|admin-server
https-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.https.httpsd
admin-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.admin.AdminServer






Regards
Faisal Javeed
INTECH Process Automation Pvt. Ltd.
119-B Tech Society Lahore-54590, Pakistan
Cell:      03334241582
Voice:   +92 42 5427001 (3 lines)
Fax:      +92 42 5411724
Web:     www.intechww.com
Reply | Threaded
Open this post in threaded view
|

RE: Configuring SSL for Jigsaw 2.2.4

Faisal Javeed

I did use the -keyalg RSA option to generate the certificate.
Is it neccessary to given relative paths in the prop files, right now i m using absolute paths.

This is my https-server file

#Updated by Install
#Wed Oct 26 12:21:21 GMT+05:00 2005
org.w3c.jigsaw.http.socket.SocketClientFactory.maxClients=30
org.w3c.jigsaw.request.timeout=3000000
org.w3c.jigsaw.client.bufsize=8192
org.w3c.jigsaw.serializer=org.w3c.tools.resources.serialization.xml.XMLSerializer
org.w3c.jigsaw.port=443
org.w3c.jigsaw.http.socket.SocketClientFactory.maxThreads=85
org.w3c.jigsaw.client.priority=5
org.w3c.jigsaw.trashdir=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\trash
org.w3c.jigsaw.root=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw
org.w3c.jigsaw.root.name=root
org.w3c.jigsaw.server=Jigsaw/2.2.4
org.w3c.jigsaw.docurl=/Doc/Reference
org.w3c.www.protocol.http.filters=
org.w3c.jigsaw.root.class=org.w3c.jigsaw.resources.DirectoryResource
org.w3c.jigsaw.checkpointer=/Admin/Checkpointer
org.w3c.jigsaw.checkSensitivity=true
org.w3c.jigsaw.propfile=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\config\\https-server.props
org.w3c.jigsaw.space=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\www
org.w3c.jigsaw.keepAlive=true
org.w3c.jigsaw.version.counter=4
org.w3c.jigsaw.http.socket.SocketClientFactory.maxFree=15
org.w3c.jigsaw.config=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\config
org.w3c.jigsaw.edit.root=root
org.w3c.jigsaw.logger=org.w3c.jigsaw.http.CommonLogger
org.w3c.jigsaw.ssl.enabled=true
# Points to the key store (cf. 4. above, don't forget to put the full path to the keystore)
org.w3c.jigsaw.ssl.keystore.path=D:\IntechSW_Group\WES\Current\Deployment\WES\WS\Jigsaw\jigsaw\keystore\intechww.keystore
# Supplies the password for accessing the key store ...
org.w3c.jigsaw.ssl.keystore.password=temppass
# Finally, the socket client factory has to be set to the SSL factory ...
org.w3c.jigsaw.http.ClientFactory=org.w3c.jigsaw.https.socket.SSLSocketClientFactory



server-props.file

org.w3c.jigsaw.daemon.handlers=https-server|admin-server
https-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.https.httpsd
admin-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.admin.AdminServer






Regards
Faisal Javeed
INTECH Process Automation Pvt. Ltd.
119-B Tech Society Lahore-54590, Pakistan
Cell:      03334241582
Voice:   +92 42 5427001 (3 lines)
Fax:      +92 42 5411724
Web:     www.intechww.com

Reply | Threaded
Open this post in threaded view
|

RE: Configuring SSL for Jigsaw 2.2.4

Faisal Javeed
In reply to this post by Faisal Javeed

I was finally successfull running jigsaw using the props file by Laird, Brian .

loading properties from: D:\IntechSW_Group\WES\Current\Deployment\WES\WS\Jigsaw\jigsaw\config\server.props
Unable to launch  admin-server: no class or clones defined.
Jigsaw[2.2.4]: serving at https://lhe1-wes-pc-017/

Now when i try to access any page it shows the security alert with buttons to proceed cancel or view certificate. The certificate is there and is trusted as well. When i press the yes button to proceed the following exception occurs at server and the browser says "error 404 file not found"

+++ client-0(https-server-socket-clients:50) got exception:
org.w3c.www.http.HttpParserException: End Of File
        at org.w3c.www.http.HttpRequestMessage.notifyBeginParsing(HttpRequestMessage.java:193)
        at org.w3c.www.mime.MimeParser.parse(MimeParser.java:334)
        at org.w3c.jigsaw.http.Client.getNextRequest(Client.java:267)
        at org.w3c.jigsaw.http.Client.startConnection(Client.java:527)
        at org.w3c.jigsaw.http.socket.SocketClient.run(SocketClient.java:125)
        at org.w3c.util.CachedThread.run(ThreadCache.java:87)
+++ client-0(https-server-socket-clients:50) got ClientException:
org.w3c.jigsaw.http.ClientException: End Of File
        at org.w3c.jigsaw.http.Client.getNextRequest(Client.java:276)
        at org.w3c.jigsaw.http.Client.startConnection(Client.java:527)
        at org.w3c.jigsaw.http.socket.SocketClient.run(SocketClient.java:125)
        at org.w3c.util.CachedThread.run(ThreadCache.java:87)
org.w3c.jigsaw.http.ClientException: End Of File
        at org.w3c.jigsaw.http.Client.getNextRequest(Client.java:276)
        at org.w3c.jigsaw.http.Client.startConnection(Client.java:527)
        at org.w3c.jigsaw.http.socket.SocketClient.run(SocketClient.java:125)
        at org.w3c.util.CachedThread.run(ThreadCache.java:87)
org.w3c.www.http.HttpParserException: End Of File
        at org.w3c.www.http.HttpRequestMessage.notifyBeginParsing(HttpRequestMessage.java:193)
        at org.w3c.www.mime.MimeParser.parse(MimeParser.java:334)
        at org.w3c.jigsaw.http.Client.getNextRequest(Client.java:267)
        at org.w3c.jigsaw.http.Client.startConnection(Client.java:527)
        at org.w3c.jigsaw.http.socket.SocketClient.run(SocketClient.java:125)
        at org.w3c.util.CachedThread.run(ThreadCache.java:87)
GET / HTTP/1.1
Connection: keep-alive
Date: Mon, 31 Oct 2005 04:48:36 GMT
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.m
ion/msword, application/x-shockwave-flash, */*
Accept-Encoding: gzip, deflate
Accept-Language: en-us
Host: lhe1-wes-pc-017
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; (R1 1.5); .NET CLR 1.1.4322)

HTTP/1.1 404 Not Found
Date: Mon, 31 Oct 2005 04:48:36 GMT
Content-Length: 155
Content-Type: text/html
Server: Jigsaw/2.2.4p

The file is there on the server though.

Regards
Faisal Javeed
INTECH Process Automation Pvt. Ltd.
119-B Tech Society Lahore-54590, Pakistan
Cell:      03334241582
Voice:   +92 42 5427001 (3 lines)
Fax:      +92 42 5411724
Web:     www.intechww.com
Reply | Threaded
Open this post in threaded view
|

RE: Configuring SSL for Jigsaw 2.2.4

Laird, Brian
In reply to this post by Faisal Javeed

Faisal,

 

Absolute paths in the property file should be fine.  The only oddity that I can see is that all the other paths you have contain double slashes, but the path to the keystore is just setup with single slashes.  In general, if you are getting the popup window about the certificate not matching that is correct especially if you did the generation of the certificate.  The only way to have those popups go away is to either add the root certificate authority into the browser (which is painful at best) or purchase one from verisign, thawte, or somewhere like that.

 

The “End of File” errors are pretty common especially if you are behind a load balancer.  You can turn off tracing in the props file to suppress those errors.

 

As far as the file missing (the 404 error), I am not sure what to tell you since I can’t see your configuration.  In general make sure that the root node has a HTTPFrame added to it.  The HTTPFrame should have an index specified so the server knows what to serve up when someone just types in the https://www.myserver.com/.

 

I hope this helps,

Brian

 


From: [hidden email] [mailto:[hidden email]] On Behalf Of Faisal Javeed
Sent: Sunday, October 30, 2005 10:36 PM
To: [hidden email]
Subject: RE: Configuring SSL for Jigsaw 2.2.4

 


I did use the -keyalg RSA option to generate the certificate.
Is it neccessary to given relative paths in the prop files, right now i m using absolute paths.

This is my https-server file

#Updated by Install
#Wed Oct 26 12:21:21 GMT+05:00 2005
org.w3c.jigsaw.http.socket.SocketClientFactory.maxClients=30
org.w3c.jigsaw.request.timeout=3000000
org.w3c.jigsaw.client.bufsize=8192
org.w3c.jigsaw.serializer=org.w3c.tools.resources.serialization.xml.XMLSerializer
org.w3c.jigsaw.port=443
org.w3c.jigsaw.http.socket.SocketClientFactory.maxThreads=85
org.w3c.jigsaw.client.priority=5
org.w3c.jigsaw.trashdir=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\trash
org.w3c.jigsaw.root=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw
org.w3c.jigsaw.root.name=root
org.w3c.jigsaw.server=Jigsaw/2.2.4
org.w3c.jigsaw.docurl=/Doc/Reference
org.w3c.www.protocol.http.filters=
org.w3c.jigsaw.root.class=org.w3c.jigsaw.resources.DirectoryResource
org.w3c.jigsaw.checkpointer=/Admin/Checkpointer
org.w3c.jigsaw.checkSensitivity=true
org.w3c.jigsaw.propfile=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\config\\https-server.props
org.w3c.jigsaw.space=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\www
org.w3c.jigsaw.keepAlive=true
org.w3c.jigsaw.version.counter=4
org.w3c.jigsaw.http.socket.SocketClientFactory.maxFree=15
org.w3c.jigsaw.config=D\:\\IntechSW_Group\\WES\\Current\\Deployment\\WES\\WS\\Jigsaw\\jigsaw\\config
org.w3c.jigsaw.edit.root=root
org.w3c.jigsaw.logger=org.w3c.jigsaw.http.CommonLogger
org.w3c.jigsaw.ssl.enabled=true
# Points to the key store (cf. 4. above, don't forget to put the full path to the keystore)
org.w3c.jigsaw.ssl.keystore.path=D:\IntechSW_Group\WES\Current\Deployment\WES\WS\Jigsaw\jigsaw\keystore\intechww.keystore
# Supplies the password for accessing the key store ...
org.w3c.jigsaw.ssl.keystore.password=temppass
# Finally, the socket client factory has to be set to the SSL factory ...
org.w3c.jigsaw.http.ClientFactory=org.w3c.jigsaw.https.socket.SSLSocketClientFactory



server-props.file

org.w3c.jigsaw.daemon.handlers=https-server|admin-server
https-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.https.httpsd
admin-server.org.w3c.jigsaw.daemon.class=org.w3c.jigsaw.admin.AdminServer






Regards
Faisal Javeed
INTECH Process Automation Pvt. Ltd.
119-B Tech Society Lahore-54590, Pakistan
Cell:      03334241582
Voice:   +92 42 5427001 (3 lines)
Fax:      +92 42 5411724
Web:     www.intechww.com





************************************************************************
This e-mail and any accompanying documents or files contain information that is the 
property of HAVI Global Solutions, that is intended solely for those to whom this e-mail is addressed 
(i.e., those identified in the "To" and "Cc" boxes), and that is confidential, proprietary, 
and/or privileged.  If you are not an intended recipient of this e-mail, you are hereby 
notified that any viewing, use, disclosure, forwarding, copying, or distribution of any of 
this information is strictly prohibited and may be subject to legal sanctions.  If you have 
received this e-mail in error, please notify the sender immediately of any unintended 
recipients, and delete the e-mail, all attachments, and all copies of both from your system.

While we have taken reasonable precautions to ensure that any attachments to this e-mail 
have been swept for viruses, we cannot accept liability for any damage sustained as a 
result of software viruses.
************************************************************************
Reply | Threaded
Open this post in threaded view
|

RE: Configuring SSL for Jigsaw 2.2.4

Faisal Javeed
In reply to this post by Faisal Javeed

I was finally able to run jigsaw successfully, the problem was in the props file. Now there is another problem :), it was not serving any page explicitly or even the index.htm. I then started jigadmin and added a file resource pointing to index.htm, now the index.htm page was accessbile. Even if an image is included in the referenced page this image will not be displayed untill i add a file resource for it using jigadmin.
It seems to me like for each html page i want to access over ssl there needs to be a file resource added using jigadmin. Can anyone help me on this. Once jigsaw is properly configured and giving ssl service on some port how to access any web page placed in it.

Regards
Faisal Javeed
INTECH Process Automation Pvt. Ltd.
119-B Tech Society Lahore-54590, Pakistan
Cell:      03334241582
Voice:   +92 42 5427001 (3 lines)
Fax:      +92 42 5411724
Web:     www.intechww.com
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
This e-mail and any files transmitted are confidential and intended solely for the use of the individual or entity to which they are addressed, and may be privileged and confidential and protected from disclosure. If you are not the intended recipient of this e-mail or any part of it please notify us immediately by replying to the message and deleting it from your computer, or notifying to “[hidden email]”.

Any dissemination, distribution or copying of this communication is strictly prohibited. The comments or statements expressed in this e-mail are not necessarily those of “INTECH Process Automation Inc.” or its subsidiaries or affiliates. This message in its entirety is the sole property of “INTECH Process Automation Inc.”, and is scanned for viruses, and other malicious contents.