I try to test MeteorJS on Windows. I downloaded the last version of Meteor (1.5.2).
At my workplace, when I tryed to create a new project with "meteor create simple-todos", as Admin or not, I had an error:
C:\DEV\METEORJS>meteor create simple-todos
=> Errors while creating your project
While downloading blaze#2.3.2...: error: self signed certificate in
certificate chain
While downloading blaze-html-templates#1.1.2...: error: self signed
certificate in certificate chain
While downloading blaze-tools#1.0.10...: error: self signed
certificate in certificate chain
...
At home, I retry this test as Admin, and it run well :
C:\DEV\METEORJS>meteor create simple-todos
Created a new Meteor app in
'simple-todos'.
To run your new app: cd simple-todos meteor
...
What could explain this error?
Could this affect the operation or reliability of an application built with Meteor?
Problem resolved with my "network manager" !
There isn't any proxy on the office's firewall, but there was a module that decrypted the SSL stream. After deactivating it, I was able to create my Meteor project.
Thank you #Styx for giving me the right track (with your first answer).
Related
I´m somehow new in the world of the self signed certs. I´m not sure that using one of this is posible to test my angular front. Looks like in my back all works fine with the same self-signed openssl generated certs.
When I access to https:// the login screen appears as normally but console throw back this error logs:
An SSL certificate error occurred when fetching the script.
Service worker registration failed with: DOMException: Failed to register a ServiceWorker for scope ('https://192.168.154.136/es/') with script ('https://192.168.154.136/es/ngsw-worker.js'): An SSL certificate error occurred when fetching the script.
And when trying to log in with a existent user:
POST https://192.168.154.135:3333/api/login/common net::ERR_CERT_COMMON_NAME_INVALID.
If someone have being in the same type issue or similar, it would be a pleasure to hear about.
I've got a WebSphere 9 server for testing web apps on my laptop. I also have Hybris running under Tomcat on my laptop (for testing also). I wrote a Java web app to test punchout functions in Hybris, that runs on my WebSphere server. It had been working, but I had to reinstall WebSphere. Since then, when I try to run my web app in WebSphere, I get this error in WebSphere:
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: PKIX path
building failed: java.security.cert.CertPathBuilderException: unable
to find valid certification path to requested target
whenever my app tries to post to Hybris.
In the administrative console of WebSphere, I used the "receive from port" button to get the self-signed certificate from Hybris into the nodedefaultTrustStore in WebSphere. Hybris is at applied.local:9002 on my laptop and the certificate looks like this:
CN=applied.local, OU=applied.local, O=applied.local, L=applied.local,
ST=WI, C=us Valid from Jul 17, 2019 to Apr 11, 2022.
All of this was working previously, but I must have broken something. I must be missing something. I don't understand why it can't "find a valid certification path" to applied.local, since the CN is applied.local, and the certificate is in the trust store in WebSphere.
I got it working, but I don't know why I had to do this to get it working. If someone can explain why - that would be great. Anyway here's what I did:
Added custom variables to WebSphere to define where cacerts was, but default values should have worked, so not sure if this had any effect. In admin console, application servers > server1 > Java and Process Management, process definition, Java Virtual Machine, Customer properties: javax.net.ssl.truststore (path to cacerts in WebSphere), javax.net.ssl.truststoretype jks, and javax.net.ssl.trustStorePassword changeit.
Used a browser to export the self-signed certificate Hybris was using to a file.
Used Ikeyman to import the certificate into cacerts. (There are instructions on how to do this in IBM's pages).
Restarted WebSphere and Hybris and posting from WebSphere to Hybris worked again.
What doesn't make sense to me is that I had previously imported the Hybris self-signed certificate using the "Retrieve from port" button in the admin console for the NodeDefaultTrustStore. That used to work, but now apparently I have to import it into cacerts also or instead?
I was trying to establish a ssl connection to the sever in my application. for this, I generated self-signed certificates and added them to the keystore as well as the java cacerts which is the trust store.
But When I launch my application, I keep getting PKIX path building failed validatorException: unable to find valid path to requested target error
Hence unable to login to my java application.I use java1.8.0_144 version.
Try to login to the website which IDE is complaining about, and see if you are able to access it through the browser.
If so, then check for the certificate being used in the browser and check that certificate is present in your java cacerts.
Hi i usually generated the root CA with openssl and never worked importing that into the cacerts with keytools. You can instead generate it with this application i made out of desperation (it's a Java 11 app):
https://github.com/kendarorg/JavaCaCertGenerator
Its only purpose is to replace the generation of the private key and the root certificate, in a form "fit" for cacerts. From there you can produce the various certificates for the addresses
When using EppLib.net (and as per the Nominet instructions - http://registrars.nominet.uk/namespace/uk/registration-and-domain-management/registrar-systems/epp/testbed)
In order to verify the identity of the secure server you will need the 'Verisign Class 3 Public Primary Certification Authority' root certificate available free from www.verisign.com (the certificate is also distributed with most web browsers).
I am supplying the Verisign Class 3 PPCA Certs in .crt format (I can't export as a pfx) within the code (and have tried every cert installed on the server).
However each one fails with the error (when trying to negotiate the connection):
An existing connection was forcibly closed by the remote host.
I've confirmed that I can connect from the server to Nominet by running cURL
curl -v https://testbed-epp.nominet.org.uk:700
and that responds as I would expect - or at least without an error!
I have also tried to use the same cert that curl appears to be using without success.
Can anyone help with pointing me in the right direction with the SSL that I should be using or how to get hold of the correct certificate?
thanks in advance
For anyone having a similar issue, it wasn't a question of which SSL certificate to use, but to ensure the correct protocol was being used. Incidentally, I got it working initially using the curl-ca-bundle.crt provided with cURL.
This certificate, in combination with a change to the target .net framework for the EppLib.net project resolved my issue.
On cloning from Github the target was .net 4.0 and Nominet needs at least TLS1.1, which wasn't available in v4.
Therefore I also updated the target to 4.5.1 for the EppLib.net project and changed the SslProtocol from
SslProtocol.Tls to
SslProtocol.Tls12
We are developing an hybrid application ( Android , iOS )
and we are facing an issue communicating with our backend services.
We are using untrusted certificate in the development environment and this lead to an error invoking the services using WLResourceRequest in the hybrid code.
The error on the android platform is the following:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
And reading from android logcat comes out this:
04-20 12:50:04.300 9427-9450/com.myApp D/wl.resource_request: WLResourceRequest.handleOnFailure in WLResourceRequest.java:658 :: Unexpected errorCode occurred. Please try again.
04-20 12:50:04.308 9427-9450/com.myApp D/com.worklight.androidgap.plugin.WLResourceRequestPlugin: WLResourceRequestPlugin$1$1.onFailure in WLResourceRequestPlugin.java:92 :: inside WLResourceRequestPlugin failure
How can we manage to pass through the certificate validation? or is there something we can do to properly invoke the services?
You can overcome this by adding the CA certificate to your device.
Go to Settings -> Security -> Install from SD card and install the CA certificate to the device.