lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Rowe <sar...@gmail.com>
Subject Re: Enable https for Solr
Date Fri, 21 Apr 2017 17:51:10 GMT
Edwin,

Did you set the required keystore/truststore/password system properties?  See the example
at <https://cwiki.apache.org/confluence/display/solr/Enabling+SSL#EnablingSSL-IndexadocumentusingCloudSolrClient>

--
Steve
www.lucidworks.com

> On Apr 21, 2017, at 1:44 PM, Zheng Lin Edwin Yeo <edwinyeozl@gmail.com> wrote:
> 
> Thank you Steve.
> 
> I have managed to set up the SSL, and the query via https is working now.
> 
> However, I am getting this error when I tried to do indexing using SolrJ. I
> have already changed the URL to pass using https.
> 
> What could be the reason that causes this?
> 
> javax.net.ssl.SSLHandshakeException: sun.security.validator.
> ValidatorException:
> PKIX path building failed: sun.security.provider.certpath.
> SunCertPathBuilderExce
> ption: unable to find valid certification path to requested target
>        at sun.security.ssl.Alerts.getSSLException(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
>        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
>        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
>        at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown
> Source)
>        at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
>        at sun.security.ssl.Handshaker.processLoop(Unknown Source)
>        at sun.security.ssl.Handshaker.process_record(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source
> )
>        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
>        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown
> Source)
>        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnec
> tion.connect
> (Unknown Source)
>        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown
> S
> ource)
>        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown
> So
> urce)
>        at sun.net.www.protocol.https.HttpsURLConnectionImpl.
> getInputStream(Unkn
> own Source)
>        at org.apache.solr.util.SimplePostTool.doHttpGet(
> SimplePostTool.java:1702)
>        at org.apache.solr.util.SimplePostTool.main(SimplePostTool.j
> ava:256)
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> vali
> d certification path to requested target
>        at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
>        at sun.security.validator.PKIXValidator.engineValidate(Unknown
> Source)
>        at sun.security.validator.Validator.validate(Unknown Source)
>        at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
>        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown
> Source)
>        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Sour
> ce)
>        ... 15 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to
> find valid certification path to requested target
>        at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown
> Sourc
> e)
>        at sun.security.provider.certpath.SunCertPathBuilder.
> engineBuild(Unknown
> Source)
>        at java.security.cert.CertPathBuilder.build(Unknown Source)
>        ... 21 more
> javax.net.ssl.SSLHandshakeException: sun.security.validator.
> ValidatorException:
> PKIX path building failed: sun.security.provider.certpath.
> SunCertPathBuilderExce
> ption: unable to find valid certification path to requested target
>        at sun.security.ssl.Alerts.getSSLException(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
>        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
>        at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
>        at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown
> Source)
>        at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
>        at sun.security.ssl.Handshaker.processLoop(Unknown Source)
>        at sun.security.ssl.Handshaker.process_record(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source
> )
>        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
>        at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
>        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown
> Source)
>        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnec
> tion.connect
> (Unknown Source)
>        at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown
> S
> ource)
>        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown
> So
> urce)
>        at sun.net.www.protocol.https.HttpsURLConnectionImpl.
> getInputStream(Unkn
> own Source)
>        at org.apache.solr.util.SimplePostTool.doHttpGet(
> SimplePostTool.java:1702)
>        at org.apache.solr.util.SimplePostTool.main(SimplePostTool.j
> ava:256)
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> vali
> d certification path to requested target
>        at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
>        at sun.security.validator.PKIXValidator.engineValidate(Unknown
> Source)
>        at sun.security.validator.Validator.validate(Unknown Source)
>        at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
>        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown
> Source)
>        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
> Sour
> ce)
>        ... 15 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to
> find valid certification path to requested target
>        at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown
> Sourc
> e)
>        at sun.security.provider.certpath.SunCertPathBuilder.
> engineBuild(Unknown
> Source)
>        at java.security.cert.CertPathBuilder.build(Unknown Source)
>        ... 21 more
> 
> 
> Regards,
> Edwin
> 
> On 21 April 2017 at 22:02, Steve Rowe <sarowe@gmail.com> wrote:
> 
>> Hi Edwin,
>> 
>> See <https://cwiki.apache.org/confluence/display/solr/Enabling+SSL>.
>> 
>> --
>> Steve
>> www.lucidworks.com
>> 
>>> On Apr 21, 2017, at 12:03 AM, Zheng Lin Edwin Yeo <edwinyeozl@gmail.com>
>> wrote:
>>> 
>>> Hi,
>>> 
>>> I would like to find out, how can we allow Solr to accept secure
>>> connections via https?
>>> 
>>> I am using SolrCloud on Solr 6.4.2
>>> 
>>> Regards,
>>> Edwin
>> 
>> 


Mime
View raw message