我的zimbra安装有一个奇怪的问题...我启用了代理servlet并且正常运行跨域ajax请求。但是,每当我尝试访问我的域的https://版本时,我都会得到500个java.security.cert.CertificateException,它看起来像下面的堆栈跟踪。有任何想法吗? 其他https:// url似乎工作正常。
Error 500 java.security.cert.CertificateException: *** lots of ssl cert specific stuff not sure its safe to post ***
Problem accessing /service/proxy. Reason:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: * lots of ssl cert specific stuff not sure its safe to post
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1209)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
at com.zimbra.common.net.CustomSSLSocket.startHandshake(CustomSSLSocket.java:90)
at com.zimbra.common.net.CustomSSLSocket.getInputStream(CustomSSLSocket.java:341)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:745)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:53)
at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:39)
at com.zimbra.cs.zimlet.ProxyServlet.doProxy(ProxyServlet.java:243)
at com.zimbra.cs.zimlet.ProxyServlet.doGet(ProxyServlet.java:152)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:705)
at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:814)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:218)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:422)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.handler.rewrite.RewriteHandler.handle(RewriteHandler.java:230)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:585)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:971)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:415)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:429)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451)
Caused by: java.security.cert.CertificateException: d2:CN16:.otherinbox.com1:O18:Return Path\, Inc.2:OU0:6:accept4:true5:alias49:my.otherinbox.com:94CAD63897189661A4696EEEB5E53474:fromi1394668800000e4:host17:my.otherinbox.com3:icn38:DigiCert SHA2 High Assurance Server CA2:io12:DigiCert Inc3:iou16:www.digicert.com3:md532:78C925EF0A86A80C51D73DFA0CCEE0A08:mismatch5:false1:s31:94CAD63897189661A4696EEEB5E53474:sha140:D7A479766373923C5E61404086D23BB45D22377E2:toi1495022400000ee
at com.zimbra.common.net.CustomTrustManager.checkServerTrusted(CustomTrustManager.java:90)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1201)
... 40 more
java.security.cert.CertificateException: * lots of ssl cert specific stuff not sure its safe to post *
at com.zimbra.common.net.CustomTrustManager.checkServerTrusted(CustomTrustManager.java:90)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1201)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:135)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
at com.zimbra.common.net.CustomSSLSocket.startHandshake(CustomSSLSocket.java:90)
at com.zimbra.common.net.CustomSSLSocket.getInputStream(CustomSSLSocket.java:341)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:745)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:53)
at com.zimbra.common.httpclient.HttpClientUtil.executeMethod(HttpClientUtil.java:39)
at com.zimbra.cs.zimlet.ProxyServlet.doProxy(ProxyServlet.java:243)
at com.zimbra.cs.zimlet.ProxyServlet.doGet(ProxyServlet.java:152)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:705)
at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:814)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:218)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:422)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.handler.rewrite.RewriteHandler.handle(RewriteHandler.java:230)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:585)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:971)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:415)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:429)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451)
答案 0 :(得分:1)
我认为,Zimbra的java拒绝了你的服务器证书。可能是因为自签名或旧证书。您可能必须将证书添加到java的密钥环cacerts中,该密钥环cacerts位于~zimbra / java / jre / lib / security / cacerts中,可以使用“keytool”命令进行修改。密码应该是默认的“changeit”。