postgres's server.crt needs to be in ofbiz's TRUST store (ofbiztrust.jks) This postgres message 'confirms' that the error comes from the client not trusting postgres... http://archives.postgresql.org/pgsql-jdbc/2003-03/msg00278.php
--- Sam Benz <[EMAIL PROTECTED]> wrote: > > I have imported postgres's server.crt into ofbiz's keystore using > keytool. > now I am getting the following error in my postgrestql log file > 'could not > accept SSL connection: sslv3 alert certificate unknown' > > I have been looking through both postgres and ofbiz documentation and > I have > exported a certificate file from ofbizssl.jks to the postgres data > directory > (where root.crt is stored) but I can't find any docs about the > keystore in > postgres. > > Thanks again, > > Sam > > > cjhowe wrote: > > > > I often times get confused which side is needing the trusting, but > my > > belief is that you need to put the postgres server's certificate > into > > ofbiz's truststore... > > > > steps for this should be similar to the heading "SSL" in the > following > > link > http://docs.ofbiz.org/display/OFBIZ/Google+Checkout+Integration > > just replace checkout.google.com with the location of your postgres > > server. > > > > --- Sam Benz <[EMAIL PROTECTED]> wrote: > > > >> > >> Thanks for your help we are making progress now > >> > >> I can logon to the db with the username ofbiz from pgadmin... > >> > >> I just tried > >> > >> <inline-jdbc > >> jdbc-driver="org.postgresql.Driver" > > >> > >> jdbc-uri="jdbc:postgresql://10.73.65.114/ofbiz-current?ssl=true" > >> jdbc-username="ofbiz" > >> jdbc-password="ofbiz" > >> isolation-level="ReadCommitted" > >> pool-minsize="2" > >> pool-maxsize="20"/> > >> > >> with 10.73.65.125 specifically added to my hba.conf file ... > >> > >> now I am getting security certificate errors from ofbiz and > geronimo > >> > >> Once again I have attached the ofbiz.log file > >> http://www.nabble.com/file/7470/ofbiz.log ofbiz.log > >> > >> > >> cjhowe wrote: > >> > > >> > Actually, looking into the Minerva implementation, all of the > >> > inline-jdbc attributes are set specifically and ssl isn't one of > >> them, > >> > so you may try appending ?ssl=true to the jdbc-uri > >> > ie: > >> > jdbc-uri="jdbc:postgresql://127.0.0.1/ofbiz?ssl=true" > >> > > >> > > >> > --- Chris Howe <[EMAIL PROTECTED]> wrote: > >> > > >> >> first make sure you have a user on your postgres server for > >> >> [EMAIL PROTECTED] (or @ domain that resolves to 10.73.65.125) > >> >> > >> >> then in your > ofbiz.home/framework/entity/config/entityengine.xml > >> file > >> >> for your localpostgres datasource in the inline-jdbc element > add > >> >> ssl="true" > >> >> > >> >> then report back :) > >> >> > >> >> --- Sam Benz <[EMAIL PROTECTED]> wrote: > >> >> > >> >> > > >> >> > I have not found any errors from postgres but I have attached > >> the > >> >> log > >> >> > file > >> >> > from ofbiz framework/logs/ofbiz.log > >> >> > > >> >> > > >> >> > here are a few relevant lines > >> >> > > >> >> > > >> >> > 2007-03-26 19:00:08,280 (main) [ ConnectionFactory.java:85 > >> :ERROR] > >> >> > >> >> > ---- runtime exception report > >> >> > -------------------------------------------------- > >> >> > There was an error getting a Minerva datasource. > >> >> > Exception: java.lang.RuntimeException > >> >> > Message: Could not create connection > >> >> > ---- stack trace > >> >> > > --------------------------------------------------------------- > >> >> > java.lang.RuntimeException: Could not create connection > >> >> > > >> >> > >> > > >> > > > org.ofbiz.minerva.pool.ObjectPool.createNewObject(ObjectPool.java:944) > >> >> > > org.ofbiz.minerva.pool.ObjectPool.getObject(ObjectPool.java:630) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.minerva.pool.jdbc.xa.XAPoolDataSource.getConnection(XAPoolDataSource.java:355) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.transaction.MinervaConnectionFactory.getConnection(MinervaConnectionFactory.java:46) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.jdbc.ConnectionFactory.tryGenericConnectionSources(ConnectionFactory.java:82) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.geronimo.GeronimoTransactionFactory.getConnection(GeronimoTransactionFactory.java:100) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.transaction.TransactionFactory.getConnection(TransactionFactory.java:95) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.jdbc.ConnectionFactory.getConnection(ConnectionFactory.java:72) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.jdbc.DatabaseUtil.getConnection(DatabaseUtil.java:98) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.jdbc.DatabaseUtil.getTableNames(DatabaseUtil.java:827) > >> >> > > >> org.ofbiz.entity.jdbc.DatabaseUtil.checkDb(DatabaseUtil.java:136) > >> >> > > >> org.ofbiz.entity.jdbc.DatabaseUtil.checkDb(DatabaseUtil.java:125) > >> >> > > >> >> > >> > org.ofbiz.entity.datasource.GenericDAO.checkDb(GenericDAO.java:1087) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.datasource.GenericHelperDAO.checkDataSource(GenericHelperDAO.java:198) > >> >> > > >> > org.ofbiz.entity.GenericDelegator.<init>(GenericDelegator.java:184) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.entity.GenericDelegator.getGenericDelegator(GenericDelegator.java:116) > >> >> > org.ofbiz.guiapp.xui.XuiContainer.start(XuiContainer.java:66) > >> >> > > >> >> > >> > > >> > > > org.ofbiz.base.container.ContainerLoader.start(ContainerLoader.java:80) > >> >> > org.ofbiz.base.start.Start.startStartLoaders(Start.java:263) > >> >> > org.ofbiz.base.start.Start.startServer(Start.java:314) > === message truncated ===
