[aerogear-dev] Using Let's encrypt SSL certificates with Java sender API

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[aerogear-dev] Using Let's encrypt SSL certificates with Java sender API

ag0ny
Hi,

just want to let you know that you might hit a problem using an official
certificate from Let's encrypt ( https://letsencrypt.org/ ) in Wildfly
Applicationserver for securing UPS-console.

Sending messages directly from within the UPS-console and with curl
works. But using the Java sender API does not and leads to the following
exception:

http://pastebin.com/0BAPK2kw

The following software environment was used:

- Wildfly Full 9.0.2.Final
- JDK 1.8.0_74-b02
- UPS 1.1.0.Final
- UP-Java-Client-1.1.0.Final

The reason for this, as it seems, is that the root ca certificate for
Let's encrypt is not included in the cacerts of the original JDK from
Oracle. As a workaround you can just copy the cacerts from an actual
OpenJDK (Tested with OpenJDK-6 from Ubuntu 14.04) to
$JAVA_HOME/jre/lib/security/. Most preferably make a copy of the
original file before. :-)

Maybe this is useful for somebody else.

Cheers,

Sascha
_______________________________________________
aerogear-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/aerogear-dev
Reply | Threaded
Open this post in threaded view
|

Re: [aerogear-dev] Using Let's encrypt SSL certificates with Java sender API

Matthias Wessendorf
Thanks for sharing!

On Wednesday, 17 February 2016, ag0ny <[hidden email]> wrote:
Hi,

just want to let you know that you might hit a problem using an official
certificate from Let's encrypt ( https://letsencrypt.org/ ) in Wildfly
Applicationserver for securing UPS-console.

Sending messages directly from within the UPS-console and with curl
works. But using the Java sender API does not and leads to the following
exception:

http://pastebin.com/0BAPK2kw

The following software environment was used:

- Wildfly Full 9.0.2.Final
- JDK 1.8.0_74-b02
- UPS 1.1.0.Final
- UP-Java-Client-1.1.0.Final

The reason for this, as it seems, is that the root ca certificate for
Let's encrypt is not included in the cacerts of the original JDK from
Oracle. As a workaround you can just copy the cacerts from an actual
OpenJDK (Tested with OpenJDK-6 from Ubuntu 14.04) to
$JAVA_HOME/jre/lib/security/. Most preferably make a copy of the
original file before. :-)

Maybe this is useful for somebody else.

Cheers,

Sascha
_______________________________________________
aerogear-dev mailing list
<a href="javascript:;" onclick="_e(event, &#39;cvml&#39;, &#39;aerogear-dev@lists.jboss.org&#39;)">aerogear-dev@...
https://lists.jboss.org/mailman/listinfo/aerogear-dev


--
Sent from Gmail Mobile

_______________________________________________
aerogear-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/aerogear-dev