- This topic has 17 replies, 6 voices, and was last updated 16 years ago by
.
-
Posts
-
We’re developing a pluing for Eclipse and a customer tried to use it in his MyEclipse Blue IDE environment. He is getting an exception and I’ve been able to reproduce it because the SSL certificate isn’t trusted.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetSo I’ve tried several different things, which have always worked with other JREs, including the vanilla Eclipse JRE and various flavors of IBMs eclipse environments (RSA/WSDA/etc).
These things didn’t work:
1. Importing the key into the JRE’s lib/security/cacerts file. cacerts doesn’t appear to be read.
2. Specifying the truststore and truststorepassword as follows in the eclipse.ini file:-Djavax.net.debug=all -Djavax.net.ssl.trustStore=C:\Program Files\Genuitec\Common\binary\com.sun.java.jre.win32.x86_1.5.0.011\lib\security\cacerts -Djavax.net.ssl.trustStorePassword=changeitThis always results in the following errors (when -console is passed to startup). It looks like my trustStore isn’t being used (also confirmed with filemon).
trustStore is: C:\DOCUME~1\ajohnson\LOCALS~1\Temp\pulse35213jks trustStore type is : jks trustStore provider is : init truststore default context init failed: java.io.IOException: Keystore was tampered with, or password was incorrect use dummy SSLSocketFactory due to java.lang.RuntimeException: Default SSL context init failed: Keystore was tampered wit h, or password was incorrectSo, my question is, how do I get MyEclipse to trust my SSL certificate (which is used for SOAP communication)?
AaronJohnson,
Sorry to hear you are facing this issue. I will have a dev team member assist you. Sorry for the inconvinience.
AaronJohnson,
Could you help us collect some information on what issues you are seeing?
Can you go to your c:\program files\Genuitec\Common folder and then compress the “logs/” folder to a zip file and post to this forum topic? If that doesn’t work could you attach that to an email to support@genuitec.com and reference this forum topic?
Thanks.
AaronJohnson,
We have received the attachment you sent us. We will review it and get back to you with a reply asap.We hope to have it fixed in MyEclipse 7.5. In the mean time you can use -vm to specify a different JRE to run MyEclipse on — namely one that you manage your own certs on.
@support-nipun wrote:
We hope to have it fixed in MyEclipse 7.5. In the mean time you can use -vm to specify a different JRE to run MyEclipse on — namely one that you manage your own certs on.
Thanks Nipun. Which VM do you recommend we use so that we ensure the best compatibility? It appears the version delivered with MyEclipse 7.1 is Sun’s 1.5.0?
Nipun,
I specified a different VM using the following for my myeclipse-blue.ini:
-startup ../Common\plugins\org.eclipse.equinox.launcher_1.0.101.R34x_v20080819.jar --launcher.library ../Common\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.0.101.R34x_v20080731 -debug -clean -configuration C:\Program Files\Genuitec\MyEclipse 7.1 Blue Edition\configuration -vm C:\Program Files\Java\jre1.5.0_16\bin\client\jvm.dll -vmargs -Xmx512M -XX:MaxPermSize=192M -Djavax.net.debug=all -Djavax.net.ssl.trustStore=C:\Program Files\Java\jre1.5.0_16\lib\security\cacerts -Djavax.net.ssl.trustStorePassword=changeitand had no luck (it still never hits the cacerts file for the VM I specified). I then added the last three -D parameters to specify a custom truststore location but when the IDE comes up, it prompts for proxy info and the debug log says:
INFO: Unable to connect to server via https://www.poweredbypulse.com:443/pulse/action/model using fpt-proxy.llbean.com:8,080: java.net.SocketException: Default SSL context init failed: Keystore was tampered with, or password was incorrectIs there another way to specify either the VM or the truststore?
I’ll check with the dev team and let you know if there is any other workaround till we come out with 7.5.
ccombar,
You should download the Archive Update site installer and use that to setup MyEclipse with Eclipse 3.4.1 classic. The Manual Install that has no Pulse so this should work for you.
