Hi everyone,
We followed these steps: Secure Communications - CA Release Automation - 5.5.2 - CA Technologies Documentation
to secure our UI Communication, so that we're able to use https without a problem. But we had one thing differ from the description, it does say to use the same version of the jdk as it was installed for CA-RA. Well CA-RA comes with the jre 1.7.0_07 and we didn't find the jdk for that, so I used the 1.7.0_79, as the jdk is needed to create the jar file and sign it. I was hoping that the major version counts, but as we're getting java errors, this might not be the case
The Release Operation Center does work fine, but when I try to start the Automation Studio, I'm getting into two situations here:
Starting Automation Studio with the http address, gives me the error, that the certificate could not be validated.
More information gives the following error:
sun.security.validator.ValidatorException: Extended key usage does not permit use for code signing
at sun.security.validator.EndEntityChecker.checkCodeSigning(Unknown Source)
at sun.security.validator.EndEntityChecker.check(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
When I then check the certificate details, everything looks fine for me.
Starting Automation Studio with the https address gives me the error, that the application could not be startet and it points to an error that the resource nolio-app/truststore.jsp could not be loaded, details give:
Startfile:
<?xml version="1.0" encoding="utf-8"?>
<jnlp spec="6.0+" codebase="https://ara.munich.munichre.com:8443/nolio-app">
<application-desc main-class="com.nolio.platform.shared.app.NolioApp"/>
<information>
<title>Automation Studio</title>
<vendor>CA Technologies</vendor>
<homepage href="http://www.ca.com"/>
<description>Automation Studio</description>
<description kind="short">Automation Studio</description>
<icon href="images/favicon.ico"/>
<icon kind="splash" href="apps/nolio_splash.png"/>
<offline-allowed/>
</information>
<security> <all-permissions/> </security>
<resources>
<java version="1.6+" initial-heap-size="64m" max-heap-size="512m" java-vm-args="-XX:MaxPermSize=130m -XX:+HeapDumpOnOutOfMemoryError"/>
<jar href="apps/v2.0.0/lib/nolio-shared-app-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/activation-1.1.jar"/>
<jar href="apps/v2.0.0/lib/ant-1.8.1.jar"/>
<jar href="apps/v2.0.0/lib/ant-launcher-1.8.1.jar"/>
<jar href="apps/v2.0.0/lib/antlr-2.7.7.jar"/>
<jar href="apps/v2.0.0/lib/aopalliance-1.0.jar"/>
<jar href="apps/v2.0.0/lib/asm-5.0.3.jar"/>
<jar href="apps/v2.0.0/lib/aspectjrt-1.7.2.jar"/>
<jar href="apps/v2.0.0/lib/aspectjweaver-1.6.8.jar"/>
<jar href="apps/v2.0.0/lib/c3p0-0.9.1.1.jar"/>
<jar href="apps/v2.0.0/lib/commons-beanutils-1.7.0.jar"/>
<jar href="apps/v2.0.0/lib/commons-beanutils-core-1.8.0.jar"/>
<jar href="apps/v2.0.0/lib/commons-cli-1.1.jar"/>
<jar href="apps/v2.0.0/lib/commons-codec-1.6.jar"/>
<jar href="apps/v2.0.0/lib/commons-collections-3.2.1.jar"/>
<jar href="apps/v2.0.0/lib/commons-compress-1.0.jar"/>
<jar href="apps/v2.0.0/lib/commons-configuration-1.6.jar"/>
<jar href="apps/v2.0.0/lib/commons-digester-1.8.jar"/>
<jar href="apps/v2.0.0/lib/commons-exec-1.1.jar"/>
<jar href="apps/v2.0.0/lib/commons-httpclient-3.0-rc2.jar"/>
<jar href="apps/v2.0.0/lib/commons-io-2.0.1.jar"/>
<jar href="apps/v2.0.0/lib/commons-lang-2.4.jar"/>
<jar href="apps/v2.0.0/lib/commons-lang3-3.1.jar"/>
<jar href="apps/v2.0.0/lib/commons-logging-1.1.1.jar"/>
<jar href="apps/v2.0.0/lib/commons-validator-1.4.0.jar"/>
<jar href="apps/v2.0.0/lib/conf-utils-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/dbo-entities-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/dom4j-1.6.1.jar"/>
<jar href="apps/v2.0.0/lib/eventbus-1.4.jar"/>
<jar href="apps/v2.0.0/lib/expectj-2.0.7.jar"/>
<jar href="apps/v2.0.0/lib/forms-1.0.7.jar"/>
<jar href="apps/v2.0.0/lib/guava-13.0.1.jar"/>
<jar href="apps/v2.0.0/lib/guava-gwt-13.0.1.jar"/>
<jar href="apps/v2.0.0/lib/healthmonitor-api-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/hibernate-commons-annotations-4.0.1.Final.jar"/>
<jar href="apps/v2.0.0/lib/hibernate-core-4.1.4.Final.jar"/>
<jar href="apps/v2.0.0/lib/hibernate-entitymanager-4.1.4.Final.jar"/>
<jar href="apps/v2.0.0/lib/hibernate-envers-4.1.4.Final.jar"/>
<jar href="apps/v2.0.0/lib/hibernate-jpa-2.0-api-1.0.1.Final.jar"/>
<jar href="apps/v2.0.0/lib/httpclient-4.3.2.jar"/>
<jar href="apps/v2.0.0/lib/httpcore-4.3.1.jar"/>
<jar href="apps/v2.0.0/lib/jackson-annotations-2.4.2.jar"/>
<jar href="apps/v2.0.0/lib/jackson-core-2.4.2.jar"/>
<jar href="apps/v2.0.0/lib/jackson-databind-2.4.2.jar"/>
<jar href="apps/v2.0.0/lib/jackson-module-mrbean-2.4.2.jar"/>
<jar href="apps/v2.0.0/lib/jatl-0.2.2.jar"/>
<jar href="apps/v2.0.0/lib/javassist-3.12.1.GA.jar"/>
<jar href="apps/v2.0.0/lib/javassist-3.15.0-GA.jar"/>
<jar href="apps/v2.0.0/lib/javax.inject-1.jar"/>
<jar href="apps/v2.0.0/lib/jaxen-1.1.1.jar"/>
<jar href="apps/v2.0.0/lib/jboss-logging-3.1.0.GA.jar"/>
<jar href="apps/v2.0.0/lib/jboss-transaction-api_1.1_spec-1.0.0.Final.jar"/>
<jar href="apps/v2.0.0/lib/jcip-annotations-1.0.jar"/>
<jar href="apps/v2.0.0/lib/jcl-over-slf4j-1.7.1.jar"/>
<jar href="apps/v2.0.0/lib/jdom-1.0.jar"/>
<jar href="apps/v2.0.0/lib/jide-action-2.2.4.jar"/>
<jar href="apps/v2.0.0/lib/jide-common-2.2.4.jar"/>
<jar href="apps/v2.0.0/lib/jide-components-2.2.4.jar"/>
<jar href="apps/v2.0.0/lib/jide-dialogs-2.2.4.jar"/>
<jar href="apps/v2.0.0/lib/jide-dock-2.2.4.jar"/>
<jar href="apps/v2.0.0/lib/jide-grids-2.2.4.jar"/>
<jar href="apps/v2.0.0/lib/jsch-0.1.51.jar"/>
<jar href="apps/v2.0.0/lib/jsr305-2.0.1.jar"/>
<jar href="apps/v2.0.0/lib/junit-3.8.1.jar"/>
<jar href="apps/v2.0.0/lib/log4j-1.2.16.jar"/>
<jar href="apps/v2.0.0/lib/looks-2.2.1.jar"/>
<jar href="apps/v2.0.0/lib/nolio-actions-shared-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-bin-shared-app-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-branding-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-conf-shared-app-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-entities-shared-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-hibernate-shared-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-liquor-shared-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-service-now-client-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-shared-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-shared-app-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/nolio-shared-gui-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/opencsv-2.2.jar"/>
<jar href="apps/v2.0.0/lib/oro-2.0.8.jar"/>
<jar href="apps/v2.0.0/lib/PDFjet.jar"/>
<jar href="apps/v2.0.0/lib/quartz-2.2.1.jar"/>
<jar href="apps/v2.0.0/lib/ra-auth-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/ra-model-wrappers-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/ra-services-api-5.5.2.jar"/>
<jar href="apps/v2.0.0/lib/reflections-0.9.8.jar"/>
<jar href="apps/v2.0.0/lib/servlet-api-2.5.jar"/>
<jar href="apps/v2.0.0/lib/sigar.jar"/>
<jar href="apps/v2.0.0/lib/slf4j-api-1.7.5.jar"/>
<jar href="apps/v2.0.0/lib/slf4j-log4j12-1.7.5.jar"/>
<jar href="apps/v2.0.0/lib/spring-aop-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-beans-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-context-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-core-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-data-commons-1.5.1.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-data-jpa-1.3.2.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-expression-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-jdbc-3.2.8.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-ldap-core-1.3.2.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-orm-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-security-acl-3.2.4.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-security-config-3.2.4.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-security-core-3.2.4.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-security-ldap-3.2.4.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-security-remoting-3.2.4.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-security-web-3.2.4.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-tx-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/spring-web-4.0.6.RELEASE.jar"/>
<jar href="apps/v2.0.0/lib/validation-api-1.0.0.GA.jar"/>
<jar href="apps/v2.0.0/lib/xml-apis-1.4.01.jar"/>
<jar href="apps/v2.0.0/lib/xmlpull-1.1.3.1.jar"/>
<jar href="apps/v2.0.0/lib/xpp3_min-1.1.4c.jar"/>
<jar href="apps/v2.0.0/lib/xstream-1.4.3.jar"/>
<jar href="apps/v2.0.0/lib/y.jar"/>
<jar href="apps/v2.0.0/lib/zip4j-1.3.2.jar"/>
<property name="jnlp.nolio.app.strings.path" value="lang/strings_en.properties"/>
<property name="jnlp.nolio.app.code.base" value="https://ara.munich.munichre.com:8443"/>
<extension name="truststore-jar" href="truststore.jsp"/>
</resources>
</jnlp>
Esception:
com.sun.deploy.net.FailedDownloadException: Ressource konnte nicht geladen werden: https://ara.munich.munichre.com:8443/nolio-app/truststore.jsp
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getJreResource(Unknown Source)
at com.sun.javaws.LaunchDownload._downloadExtensionsHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.downloadExtensionsHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.downloadExtensions(Unknown Source)
at com.sun.javaws.Launcher.prepareLaunchFile(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
third tab (sorry, can't translate it, it is called "Umbrochene Ausnahme" in german)
:
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivilegedWithCombiner(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getJreResource(Unknown Source)
at com.sun.javaws.LaunchDownload._downloadExtensionsHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.downloadExtensionsHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.downloadExtensions(Unknown Source)
at com.sun.javaws.Launcher.prepareLaunchFile(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(Unknown Source)
... 35 more
Could the different jdk / jre version might cause this behavior?
As always, any help is much appreciated.
Thanks
Michael