我的zimbra安装有一个奇怪的问题...我启用了代理servlet并且正常运行跨域ajax请求。但是,每当我尝试访问我的域的https://版本时,我都会得到500个java.security.cert.CertificateException,它看起来像下面的堆栈跟踪。有任何想法吗? 其他https:// url似乎工作正常。
Error 500 java.security.cert.CertificateException: *** lots of ssl cert specific stuff not sure its safe to post ***
Problem accessing /service/proxy. Reason:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: * lots of ssl cert specific stuff not sure its safe to post at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199) at com.zimbra.common.net.CustomSSLSocket.startHandshake(CustomSSLSocket.java:90) at com.zimbra.common.net.CustomSSLSocket.getInputStream(CustomSSLSocket.java:341) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:745) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:53) at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:39) at com.zimbra.cs.zimlet.ProxyServlet.doProxy(ProxyServlet.java:243) at com.zimbra.cs.zimlet.ProxyServlet.doGet(ProxyServlet.java:152) at javax.servlet.http.HttpServlet.service(HttpServlet.java:705) at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:206) at javax.servlet.http.HttpServlet.service(HttpServlet.java:814) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:218) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:422) at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.handler.rewrite.RewriteHandler.handle(RewriteHandler.java:230) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:585) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:971) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:415) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:429) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451) Caused by: java.security.cert.CertificateException: d2:CN16:.otherinbox.com1:O18:Return Path\, Inc.2:OU0:6:accept4:true5:alias49:my.otherinbox.com:94CAD63897189661A4696EEEB5E53474:fromi1394668800000e4:host17:my.otherinbox.com3:icn38:DigiCert SHA2 High Assurance Server CA2:io12:DigiCert Inc3:iou16:www.digicert.com3:md532:78C925EF0A86A80C51D73DFA0CCEE0A08:mismatch5:false1:s31:94CAD63897189661A4696EEEB5E53474:sha140:D7A479766373923C5E61404086D23BB45D22377E2:toi1495022400000ee at com.zimbra.common.net.CustomTrustManager.checkServerTrusted(CustomTrustManager.java:90) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1201) ... 40 more
java.security.cert.CertificateException: * lots of ssl cert specific stuff not sure its safe to post * at com.zimbra.common.net.CustomTrustManager.checkServerTrusted(CustomTrustManager.java:90) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1201) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199) at com.zimbra.common.net.CustomSSLSocket.startHandshake(CustomSSLSocket.java:90) at com.zimbra.common.net.CustomSSLSocket.getInputStream(CustomSSLSocket.java:341) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:745) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:53) at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:39) at com.zimbra.cs.zimlet.ProxyServlet.doProxy(ProxyServlet.java:243) at com.zimbra.cs.zimlet.ProxyServlet.doGet(ProxyServlet.java:152) at javax.servlet.http.HttpServlet.service(HttpServlet.java:705) at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:206) at javax.servlet.http.HttpServlet.service(HttpServlet.java:814) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:218) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:422) at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.handler.rewrite.RewriteHandler.handle(RewriteHandler.java:230) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:585) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:971) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:415) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:429) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451)
答案 0 :(得分:1)
我认为,Zimbra的java拒绝了你的服务器证书。可能是因为自签名或旧证书。您可能必须将证书添加到java的密钥环cacerts中,该密钥环cacerts位于~zimbra / java / jre / lib / security / cacerts中,可以使用“keytool”命令进行修改。密码应该是默认的“changeit”。