Hi Salvo Java Team,
As reported in the #779974 josm is not working for Salvo because the
tile.openstreetmap.org SSL certificates are not trusted. This is caused
by the /etc/ssl/certs/java/cacert list being incomplete, it doesn't
include the entries other systems with ca-certificates-java have.
I tried using it today again.
I've noticed that after I get the initial error asking me to configure
a proxy, if I just hit cancel I can go on working normally.
2015-08-26 12:42 GMT+02:00 Sebastiaan Couwenberg sebas...@xs4all.nl:
Hi Salvo Java Team,
As reported in the #779974 josm is not
On 26-08-15 13:15, Salvo Tomaselli wrote:
I tried using it today again.
I've noticed that after I get the initial error asking me to configure
a proxy, if I just hit cancel I can go on working normally.
Shall we just close this bugreport, since a workaround is available?
Kind Regards,
Bas
OK, let's add all the certificates in the CA chain.
Start by saving the attached certificates in /tmp.
Import certificate for: GeoTrust Global CA
sudo keytool -v -importcert -trustcacerts -alias geotrust_global_ca \
-file /tmp/osm-tile-cert-2.crt \
-keystore /etc/ssl/certs/java/cacerts
In data mercoledì 22 aprile 2015 18:58:06, Sebastiaan Couwenberg ha scritto:
On 04/22/2015 11:29 AM, Salvo Tomaselli wrote:
In data martedì 21 aprile 2015 19:51:15, Sebastiaan Couwenberg ha scritto:
On 04/21/2015 09:22 AM, Salvo Tomaselli wrote:
aptitude update aptitude reinstall
On 04/22/2015 11:29 AM, Salvo Tomaselli wrote:
In data martedì 21 aprile 2015 19:51:15, Sebastiaan Couwenberg ha scritto:
On 04/21/2015 09:22 AM, Salvo Tomaselli wrote:
aptitude update aptitude reinstall ca-certificates
Tried this one, still same result in josm.
Still only 11 certs in the
In data martedì 21 aprile 2015 19:51:15, Sebastiaan Couwenberg ha scritto:
On 04/21/2015 09:22 AM, Salvo Tomaselli wrote:
aptitude update aptitude reinstall ca-certificates
Tried this one, still same result in josm.
Still only 11 certs in the Java cacerts keystore, this should be over
aptitude update aptitude reinstall ca-certificates
Tried this one, still same result in josm.
Can you attach the output of the command to see which CAs are included?
I had attached it already in the previous email. Now I'm attaching the new
output after the reinstallation.
--
Salvo
On 04/21/2015 09:22 AM, Salvo Tomaselli wrote:
aptitude update aptitude reinstall ca-certificates
Tried this one, still same result in josm.
Still only 11 certs in the Java cacerts keystore, this should be over 100.
Can you attach the output of the command to see which CAs are included?
I
Can you confirm that you've reinstalled the ca-certificates package?
I've reinstalled using dpkg -i --force-confmiss but no luck.
The certificate you look for is not in the output of keytool
--
Salvo Tomaselli
Io non mi sento obbligato a credere che lo stesso Dio che ci ha dotato di
senso,
Can you confirm that you've reinstalled the ca-certificates package?
I've reinstalled using dpkg -i --force-confmiss but no luck.
That doesn't download a new archive, try:
aptitude update aptitude reinstall ca-certificates
or:
apt-get update apt-get install --reinstall ca-certificates
On 04/13/2015 05:47 PM, Salvo Tomaselli wrote:
sudo update-ca-certificates --verbose
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d
done.
done.
Clearly no new certificates are added.
ls -l
On a Debian unstable VM without customizations the cacerts file is
207196, about half the size of my Debian unstable workstation, but still
significantly larger than yours.
Try reconfiguring the ca-certificates package and enable at least the
COMODO/Comodo certificates because those are
On 04/13/2015 09:01 PM, Salvo Tomaselli wrote:
On a Debian unstable VM without customizations the cacerts file is
207196, about half the size of my Debian unstable workstation, but still
significantly larger than yours.
Try reconfiguring the ca-certificates package and enable at least the
Sorry, I just forgot to followup.
The issue is still there.
I will try later today to do some more experiments.
On 10/04/2015 22:59, Sebastiaan Couwenberg wrote:
Hi Salvo,
Can I conclude from your lack of response that the issue has been resolved?
Kind Regards,
Bas
Thanks for the tile server info.
c.tile.openstreetmap.org is an alias for tile.geo.openstreetmap.org.
tile.geo.openstreetmap.org is an alias for se.tile.openstreetmap.org.
se.tile.openstreetmap.org is an alias for oslo.tile.openstreetmap.org.
oslo.tile.openstreetmap.org has address
$ for f in {a,b,c}.tile.openstreetmap.org; do host $f echo; done
a.tile.openstreetmap.org is an alias for tile.geo.openstreetmap.org.
tile.geo.openstreetmap.org is an alias for se.tile.openstreetmap.org.
se.tile.openstreetmap.org is an alias for oslo.tile.openstreetmap.org.
sudo update-ca-certificates --verbose
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d
done.
done.
ls -l /etc/ssl/certs/java/cacerts
-rw-r--r-- 1 root root 11940 apr 13 17:45 /etc/ssl/certs/java/cacerts
Same problem seems
Does you browser generate any warnings when you access the tile
directly?
No. It loads without problems.
Good.
I'm starting to suspect there is proxy on your local network or a
transparent proxy on the network of your ISP that intercepts the tile
Hm, Wouldn't that give me problems with
ls -l /etc/ssl/certs/java/cacerts
-rw-r--r-- 1 root root 11940 ott 20 18:56 /etc/ssl/certs/java/cacerts
Yours is very small, mine is 413593 bytes.
Try updating the cacerts file by running:
sudo update-ca-certificates --verbose
Then check the cacerts file again with:
ls -l
Does you browser generate any warnings when you access the tile directly?
No. It loads without problems.
I'm starting to suspect there is proxy on your local network or a
transparent proxy on the network of your ISP that intercepts the tile
Hm, Wouldn't that give me problems with loading from
To check the files themselves:
ls -l /usr/lib/jvm/java-7-openjdk-amd64/jre/lib/security/cacerts
lrwxrwxrwx 1 root root 27 mar 13 07:22 /usr/lib/jvm/java-7-openjdk-
amd64/jre/lib/security/cacerts - /etc/ssl/certs/java/cacerts
ls -l /etc/ssl/certs/java/cacerts
-rw-r--r-- 1 root root 11940 ott
Hi Salvo,
Can I conclude from your lack of response that the issue has been resolved?
Kind Regards,
Bas
--
GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
___
Pkg-grass-devel mailing list
On 03/08/2015 07:01 PM, Salvo Tomaselli wrote:
tried with the experimental version as well and it has the same problem.
On the GUI it will ask me to check for proxy settings and in the selector to
decide which area I want to edit, all the images will be missing.
OK, let's find out which
Hello,
tried with the experimental version as well and it has the same problem.
On the GUI it will ask me to check for proxy settings and in the selector to
decide which area I want to edit, all the images will be missing.
Best
--
Salvo Tomaselli
Io non mi sento obbligato a credere che lo
Control: tags -1 unreproducible
Hi Salvo,
Thanks for reporting this issue.
On 03/07/2015 10:45 AM, Salvo Tomaselli wrote:
Package: josm
Version: 0.0.svn7643+dfsg1-1
It may be worthwhile to upgrade to JOSM 8109 available in experimental.
apparently there is an expired certificate.
Failed
Processing control commands:
tags -1 unreproducible
Bug #779974 [josm] josm: invalid certificate
Added tag(s) unreproducible.
--
779974: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779974
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: notfound -1 josm/0.0.svn7643+dfsg1-1
Control: severity -1 normal
Hi Salvo,
I also cannot reproduce the issue with the JOSM version in jessie sid.
Since the SSL certificates are an issue on the server side, not in JOSM
itself, this is not a bug in the package.
You can edit the tile
Processing control commands:
notfound -1 josm/0.0.svn7643+dfsg1-1
Bug #779974 [josm] josm: invalid certificate
No longer marked as found in versions josm/0.0.svn7643+dfsg1-1.
severity -1 normal
Bug #779974 [josm] josm: invalid certificate
Severity set to 'normal' from 'grave'
--
779974:
Package: josm
Version: 0.0.svn7643+dfsg1-1
Severity: grave
Justification: renders package unusable
Dear Maintainer,
apparently there is an expired certificate.
Failed loading https://c.tile.openstreetmap.org/10/555/396.png:
sun.security.validator.ValidatorException: PKIX path building
30 matches
Mail list logo