Hi Sam,

The keystores should look like this:
postgress keystore              ---       ofbiz ssl keystore
postgress public&private key             ofbiz public&private key
ofbiz public key                         postgress public key

please read this
ref:http://www-128.ibm.com/developerworks/edu/j-dw-javajsse-i.html

Regards,

Shi Jinghai/Beijing Langhua Ltd.


在 2007-03-29四的 18:41 -0700,Sam Benz写道:
> I have imported postgres's server.crt into ofbiz's keystore using keytool.
> now I am getting the following error in my postgrestql log file 'could not
> accept SSL connection: sslv3 alert certificate unknown'
> 
> I have been looking through both postgres and ofbiz documentation and I have
> exported a certificate file from ofbizssl.jks to the postgres data directory
> (where root.crt is stored) but I can't find any docs about the keystore in
> postgres.
> 
> Thanks again,
> 
> Sam
> 
> 
> cjhowe wrote:
> > 
> > I often times get confused which side is needing the trusting, but my
> > belief is that you need to put the postgres server's certificate into
> > ofbiz's truststore...
> > 
> > steps for this should be similar to the heading "SSL" in the following
> > link http://docs.ofbiz.org/display/OFBIZ/Google+Checkout+Integration
> > just replace checkout.google.com with the location of your postgres
> > server.
> > 
> > --- Sam Benz <[EMAIL PROTECTED]> wrote:
> > 
> >> 
> >> Thanks for your help we are making progress now
> >> 
> >> I can logon to the db with the username ofbiz from pgadmin...
> >> 
> >> I just tried 
> >> 
> >>  <inline-jdbc
> >>                 jdbc-driver="org.postgresql.Driver"                
> >>                
> >> jdbc-uri="jdbc:postgresql://10.73.65.114/ofbiz-current?ssl=true"
> >>                 jdbc-username="ofbiz"
> >>                 jdbc-password="ofbiz"
> >>                 isolation-level="ReadCommitted"
> >>                 pool-minsize="2"
> >>                 pool-maxsize="20"/>
> >> 
> >> with 10.73.65.125 specifically added to my hba.conf file ...
> >> 
> >> now I am getting security certificate errors from ofbiz and geronimo
> >> 
> >> Once again I have attached the ofbiz.log file 
> >> http://www.nabble.com/file/7470/ofbiz.log ofbiz.log 
> >> 
> >> 
> >> cjhowe wrote:
> >> > 
> >> > Actually, looking into the Minerva implementation, all of the
> >> > inline-jdbc attributes are set specifically and ssl isn't one of
> >> them,
> >> > so you may try appending ?ssl=true to the jdbc-uri
> >> > ie:
> >> > jdbc-uri="jdbc:postgresql://127.0.0.1/ofbiz?ssl=true"
> >> > 
> >> > 
> >> > --- Chris Howe <[EMAIL PROTECTED]> wrote:
> >> > 
> >> >> first make sure you have a user on your postgres server for
> >> >> [EMAIL PROTECTED] (or @ domain that resolves to 10.73.65.125)
> >> >> 
> >> >> then in your ofbiz.home/framework/entity/config/entityengine.xml
> >> file
> >> >> for your localpostgres datasource in the inline-jdbc element add
> >> >> ssl="true"
> >> >> 
> >> >> then report back :)
> >> >> 
> >> >> --- Sam Benz <[EMAIL PROTECTED]> wrote:
> >> >> 
> >> >> > 
> >> >> > I have not found any errors from postgres but I have attached
> >> the
> >> >> log
> >> >> > file
> >> >> > from ofbiz  framework/logs/ofbiz.log
> >> >> > 
> >> >> > 
> >> >> > here are a few relevant lines
> >> >> > 
> >> >> > 
> >> >> > 2007-03-26 19:00:08,280 (main) [  ConnectionFactory.java:85
> >> :ERROR]
> >> >> 
> >> >> > ---- runtime exception report
> >> >> > --------------------------------------------------
> >> >> > There was an error getting a Minerva datasource.
> >> >> > Exception: java.lang.RuntimeException
> >> >> > Message: Could not create connection
> >> >> > ---- stack trace
> >> >> > ---------------------------------------------------------------
> >> >> > java.lang.RuntimeException: Could not create connection
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.minerva.pool.ObjectPool.createNewObject(ObjectPool.java:944)
> >> >> > org.ofbiz.minerva.pool.ObjectPool.getObject(ObjectPool.java:630)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.minerva.pool.jdbc.xa.XAPoolDataSource.getConnection(XAPoolDataSource.java:355)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.transaction.MinervaConnectionFactory.getConnection(MinervaConnectionFactory.java:46)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.jdbc.ConnectionFactory.tryGenericConnectionSources(ConnectionFactory.java:82)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.geronimo.GeronimoTransactionFactory.getConnection(GeronimoTransactionFactory.java:100)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.transaction.TransactionFactory.getConnection(TransactionFactory.java:95)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.jdbc.ConnectionFactory.getConnection(ConnectionFactory.java:72)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.jdbc.DatabaseUtil.getConnection(DatabaseUtil.java:98)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.jdbc.DatabaseUtil.getTableNames(DatabaseUtil.java:827)
> >> >> >
> >> org.ofbiz.entity.jdbc.DatabaseUtil.checkDb(DatabaseUtil.java:136)
> >> >> >
> >> org.ofbiz.entity.jdbc.DatabaseUtil.checkDb(DatabaseUtil.java:125)
> >> >> >
> >> >>
> >> org.ofbiz.entity.datasource.GenericDAO.checkDb(GenericDAO.java:1087)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.datasource.GenericHelperDAO.checkDataSource(GenericHelperDAO.java:198)
> >> >> >
> >> org.ofbiz.entity.GenericDelegator.<init>(GenericDelegator.java:184)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.entity.GenericDelegator.getGenericDelegator(GenericDelegator.java:116)
> >> >> > org.ofbiz.guiapp.xui.XuiContainer.start(XuiContainer.java:66)
> >> >> >
> >> >>
> >> >
> >>
> > org.ofbiz.base.container.ContainerLoader.start(ContainerLoader.java:80)
> >> >> > org.ofbiz.base.start.Start.startStartLoaders(Start.java:263)
> >> >> > org.ofbiz.base.start.Start.startServer(Start.java:314)
> >> >> > org.ofbiz.base.start.Start.start(Start.java:318)
> >> >> > org.ofbiz.base.start.Start.main(Start.java:404)
> >> >> >
> >> >>
> >> >
> >>
> > --------------------------------------------------------------------------------
> >> >> > 
> >> >> > 2007-03-26 19:00:08,283 (main) [  ConnectionFactory.java:74
> >> :ERROR]
> >> >> > *******
> >> >> > ERROR: No database connection found for helperName
> >> "localpostgres"
> >> >> > 2007-03-26 19:00:08,287 (main) [      
> >> DatabaseUtil.java:835:ERROR]
> >> >> > Unable
> >> >> > to esablish a connection with the database... Error
> >> >> > was:org.ofbiz.entity.GenericEntityException: No connection
> >> >> available
> >> >> > for
> >> >> > helper named [localpostgres]
> >> >> > 2007-03-26 19:00:08,288 (main) [      
> >> DatabaseUtil.java:143:ERROR]
> >> >> > Could
> >> >> > not get table name information from the database, aborting.
> >> >> > 2007-03-26 19:00:09,087 (main)
> >> [XAConnectionFactory.java:371:ERROR]
> >> >> > Can't
> >> >> > get an XAConnection
> >> >> > org.postgresql.util.PSQLException: FATAL: no pg_hba.conf entry
> >> for
> >> >> > host
> >> >> > "10.73.65.125", user "ofbiz", database "ofbiz-current", SSL off
> >> >> >       at
> >> >> >
> >> >>
> >> >
> >>
> > org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:275)
> >> >> >       at
> >> >> >
> >> >>
> >> >
> >>
> > org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:94)
> >> >> >       at
> >> >> >
> >> >>
> >> >
> >>
> > org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:65)
> >> >> >       at
> >> >> >
> >> >>
> >> >
> >>
> > org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:116)
> >> >> >       at
> >> >> >
> >> >>
> >> >
> >>
> > org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:30)
> >> >> >       at
> >> >> >
> >> >>
> >> org.postgresql.jdbc3.Jdbc3Connection.<init>(Jdbc3Connection.java:24)
> >> >> >       at org.postgresql.Driver.makeConnection(Driver.java:369)
> >> >> >       at org.postgresql.Driver.connect(Driver.java:245)
> >> >> > http://www.nabble.com/file/7467/ofbiz.log ofbiz.log 
> >> >> > 
> >> >> > 
> >> >> > cjhowe wrote:
> >> >> > > 
> >> >> > > I'm not sure I can offer much assistance in your issue, but it
> >> 
> > === message truncated ===
> > 
> > 
> > 
> 

Reply via email to