Thanks a lot for your quick replies. Could you just confirm to me that the following url is the relevant ressource for guidance? :
https://docs.geoserver.org/latest/en/user/security/tutorials/cert/index.html Thanks again. Le jeu. 15 juil. 2021 à 17:30, Alexandre Gacon <alexandre.ga...@gmail.com> a écrit : > Hi, > > You perhaps have to register the IGN certificate into the TOMCAT > certificate store of your geoserver instance. > > Alexandre > > Le jeu. 15 juil. 2021 à 17:19, celati Laurent <laurent.cel...@gmail.com> > a écrit : > >> Good afternoon, >> I succeed in setting a remote WMS data store (from french IGN ressources) >> in filling the following URl in geoserver : >> >> >> http://gpp3-wxs.ign.fr/<KEY>/geoportail/r/wms?SERVICE=WMS&VERSION=1.3.0&REQUEST=GetCapabilities >> >> It works and i can see several data shared by the french IGN. But when i >> select one of them and i try to preview the data, >> I have the following error message. >> >> [image: image.png] >> >> As far as i understood, i have to do an additional action to validate, >> certificate something. >> Could you help me ? Thanks a lot. Please find below the geoserver >> logfiles : >> >> Code: >> >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >> at >> org.geoserver.filters.FlushSafeFilter.doFilter(FlushSafeFilter.java:42) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >> at >> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:667) >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) >> at >> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690) >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) >> at >> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) >> at >> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) >> at >> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888) >> at >> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1597) >> at >> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) >> at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) >> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) >> at >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >> at java.lang.Thread.run(Unknown Source) >> Caused by: org.geoserver.platform.ServiceException: >> javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path validation failed: >> java.security.cert.CertPathValidatorException: validity check failed >> at >> org.geoserver.wms.map.RenderedImageMapOutputFormat.directRasterRender(RenderedImageMapOutputFormat.java:1096) >> at >> org.geoserver.wms.map.RenderedImageMapOutputFormat.produceMap(RenderedImageMapOutputFormat.java:345) >> ... 127 more >> Caused by: javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path validation failed: >> java.security.cert.CertPathValidatorException: validity check failed >> at sun.security.ssl.Alert.createSSLException(Unknown Source) >> at sun.security.ssl.TransportContext.fatal(Unknown Source) >> at sun.security.ssl.TransportContext.fatal(Unknown Source) >> at sun.security.ssl.TransportContext.fatal(Unknown Source) >> at >> sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(Unknown >> Source) >> at >> sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(Unknown >> Source) >> at >> sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(Unknown >> Source) >> at sun.security.ssl.SSLHandshake.consume(Unknown Source) >> at sun.security.ssl.HandshakeContext.dispatch(Unknown Source) >> at sun.security.ssl.HandshakeContext.dispatch(Unknown Source) >> at sun.security.ssl.TransportContext.dispatch(Unknown Source) >> at sun.security.ssl.SSLTransport.decode(Unknown Source) >> at sun.security.ssl.SSLSocketImpl.decode(Unknown Source) >> at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source) >> at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) >> at sun.security.ssl.SSLSocketImpl.ensureNegotiated(Unknown Source) >> at sun.security.ssl.SSLSocketImpl.access$200(Unknown Source) >> at sun.security.ssl.SSLSocketImpl$AppOutputStream.write(Unknown Source) >> at java.io.BufferedOutputStream.flushBuffer(Unknown Source) >> at java.io.BufferedOutputStream.flush(Unknown Source) >> at >> org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828) >> at >> org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.flushRequestOutputStream(MultiThreadedHttpConnectionManager.java:1565) >> at >> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116) >> at >> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) >> at >> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) >> at >> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) >> at >> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) >> at >> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) >> at >> org.geotools.ows.wms.MultithreadedHttpClient.executeMethod(MultithreadedHttpClient.java:192) >> at >> org.geotools.ows.wms.MultithreadedHttpClient.get(MultithreadedHttpClient.java:214) >> at >> org.geotools.ows.wms.MultithreadedHttpClient.get(MultithreadedHttpClient.java:197) >> at >> org.geotools.data.ows.AbstractOpenWebService.internalIssueRequest(AbstractOpenWebService.java:436) >> at org.geotools.ows.wms.WebMapServer.issueRequest(WebMapServer.java:443) >> at >> org.geotools.ows.wms.map.WMSCoverageReader.getMap(WMSCoverageReader.java:307) >> at >> org.geotools.ows.wms.map.WMSCoverageReader.read(WMSCoverageReader.java:290) >> at >> org.geotools.renderer.lite.gridcoverage2d.GridCoverageReaderHelper.readSingleCoverage(GridCoverageReaderHelper.java:642) >> at >> org.geotools.renderer.lite.gridcoverage2d.GridCoverageReaderHelper.readCoverage(GridCoverageReaderHelper.java:207) >> at >> org.geotools.renderer.lite.gridcoverage2d.GridCoverageRenderer.renderImage(GridCoverageRenderer.java:676) >> at >> org.geotools.renderer.lite.gridcoverage2d.GridCoverageRenderer.renderImage(GridCoverageRenderer.java:639) >> at >> org.geoserver.wms.map.RenderedImageMapOutputFormat.directRasterRender(RenderedImageMapOutputFormat.java:944) >> ... 128 more >> Caused by: sun.security.validator.ValidatorException: PKIX path validation >> failed: java.security.cert.CertPathValidatorException: validity check failed >> at sun.security.validator.PKIXValidator.doValidate(Unknown Source) >> at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) >> at sun.security.validator.Validator.validate(Unknown Source) >> at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source) >> at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source) >> at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown >> Source) >> ... 164 more >> Caused by: java.security.cert.CertPathValidatorException: validity check >> failed >> at >> sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown >> Source) >> at sun.security.provider.certpath.PKIXCertPathValidator.validate(Unknown >> Source) >> at sun.security.provider.certpath.PKIXCertPathValidator.validate(Unknown >> Source) >> at >> sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown >> Source) >> at java.security.cert.CertPathValidator.validate(Unknown Source) >> ... 170 more >> Caused by: java.security.cert.CertificateExpiredException: NotAfter: Sat Mar >> 28 16:33:00 CET 2020 >> at sun.security.x509.CertificateValidity.valid(Unknown Source) >> at sun.security.x509.X509CertImpl.checkValidity(Unknown Source) >> at sun.security.provider.certpath.BasicChecker.verifyValidity(Unknown >> Source) >> at sun.security.provider.certpath.BasicChecker.check(Unknown Source) >> >> >> >> >> _______________________________________________ >> Geoserver-users mailing list >> >> Please make sure you read the following two resources before posting to >> this list: >> - Earning your support instead of buying it, but Ian Turton: >> http://www.ianturton.com/talks/foss4g.html#/ >> - The GeoServer user list posting guidelines: >> http://geoserver.org/comm/userlist-guidelines.html >> >> If you want to request a feature or an improvement, also see this: >> https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer >> >> >> Geoserver-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/geoserver-users >> > > > -- > Alexandre Gacon >
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users