Comments (6)
I received a c2 and a c3 certificate for running the AS4 Conformance Testing with the CEF eDelivery AS4 Conformance Test service, and it seems I succesfully loaded it from the pondersource-c2.pfx file provided, but now the phase4-server-webapp throws this error in the logs - any advice?
13-Jul-2021 09:15:40.922 SEVERE [main] org.apache.catalina.core.StandardContext.listenerStart Exception sending context initialized event to listener instance of class [com.helger.phase4.peppol.server.servlet.Phase4PeppolWebAppListener]
com.helger.commons.exception.InitializationException: The provided certificate is not a valid Peppol certificate. Check result: UNSUPPORTED_ISSUER
at com.helger.phase4.peppol.server.servlet.Phase4PeppolWebAppListener._initPeppolAS4(Phase4PeppolWebAppListener.java:214)
at com.helger.phase4.peppol.server.servlet.Phase4PeppolWebAppListener.initManagers(Phase4PeppolWebAppListener.java:238)
at com.helger.photon.core.servlet.WebAppListener.contextInitialized(WebAppListener.java:688)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4768)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5230)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:728)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:700)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:696)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1024)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1911)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:118)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:825)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:475)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1618)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:319)
at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123)
at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:423)
at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:366)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:948)
at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1388)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:140)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:921)
at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:263)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:437)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:934)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:345)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)
from phase4.
I guess I should find the CA Issuer cert for the testbed and add it to https://github.com/phax/peppol-commons/blob/dcda8cd74adc36f8f815db193687c949b9103426/peppol-commons/src/main/java/com/helger/peppol/utils/PeppolCertificateChecker.java#L86-L87
from phase4.
Yes, you need to add the Peppol PKI where necessary. See https://github.com/phax/peppol-commons/tree/master/peppol-commons/src/main/resources/truststore for the "default" truststores available
from phase4.
Ah now I got it.
You cannot mix the CEF certificates with the Peppol certificates.
CEF has it's own CA.
And the Peppol web application is by default linked to the Peppol CA only (that's why there are "CEF" labeled components in the project).
from phase4.
See application.properties
for these properties to change:
org.apache.wss4j.crypto.merlin.truststore.type=JKS
org.apache.wss4j.crypto.merlin.truststore.file=truststore/complete-truststore.jks
org.apache.wss4j.crypto.merlin.truststore.password=peppol
# SMP Client
smpclient.truststore.type=JKS
smpclient.truststore.path=truststore/complete-truststore.jks
smpclient.truststore.password=peppol
from phase4.
Ah right, of course. That answers it. Thanks a lot!
from phase4.
Related Issues (20)
- aProcessingErrorMessages in handleIncomingSBD HOT 6
- Sending to wildcard HOT 1
- aAPCertificate parameter in IPhase4PeppolCertificateCheckResultHandler is Nullable HOT 1
- Peppol Reporting missing C1 country code for incoming items HOT 1
- Receiving WildCard Error HOT 5
- DBNA profile HOT 2
- PMode.Leg[1].BusinessInfo.Service 'null' is unsupported HOT 12
- Enhancement request : make status of used version available via a status page or rest endpoint
- Idea: Add marks to log, so it is easier to read for human HOT 3
- Validating NRRs against sent or received messages HOT 1
- Sending Einvoice to SG ABN resulting in Invalid Certificate Error HOT 7
- Better AS4 error message when duplicate MessageId has been detected HOT 2
- Give access to the HTTP error response
- Provide a possibility to exclude stack traces from AS4 error messages HOT 1
- Not working with brainpool curve based encryption required for BDEW profile
- Bad Request: Error validating incoming AS4 UserMessage with the profile DBN Alliance following errors are present: [PMode.Leg[1].Security.X509EncryptionAlgorithm must use the value 'aes256-gcm' instead of 'aes128-gcm'] HOT 7
- Add DBNA pendant to phase4-peppol-servlet
- Trust anchor for certification path not found error for Incoming AS4 messages HOT 3
- Dynamically set responder address for incoming messages
- BDEW profile: Curve not supported: brainpoolP256r1 (1.3.36.3.3.2.8.1.1.7) HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phase4.