Error connecting to an https URL via a proxy.
Hi Sean,
One of my users, probably the first one to ever try and use it from behind a proxy, is getting an error when trying to connect to my server.
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
Full stack trace here:
https://bitbucket.org/mahanaroad/moneyforesight/issues/117/foresigh...
From googling, it looks as though the problem might be that my certificate is not in the cacerts file. (I use a self-signed certificate).
Does this sound familiar? Do you know anything about how this should work? I'm at a bit of a loss.
Cheers,
Kevin
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
1 Posted by hleofxquotes on 29 Oct, 2018 03:43 AM
Kevin,
I think you have 3 options
2 Posted by Kevin Stembridg... on 29 Oct, 2018 10:48 PM
Hi hleofxquotes,
Thanks for the advice. I'll look into those options.
Cheers,
Kevin
Support Staff 3 Posted by Sean Reilly on 31 Oct, 2018 10:10 AM
Hi Kevin,
I'd definitely second hleofxquotes' "let's encrypt" suggestion. Moneydance also keeps it's own set of CA certs, so it wouldn't be a good idea (or even possible, for signed app bundles) to change that list.
Thanks,
Sean Reilly
Developer, The Infinite Kind
http://infinitekind.com
4 Posted by Kevin Stembridg... on 31 Oct, 2018 10:23 AM
Hi Sean,
Thanks for getting back to me.
If I remember correctly, letsencrypt certificates need to be renewed every few months. I guess I could build something into the extension that would retrieve the current certificate.
I'll have to give it some more thought.
Cheers,
Kevin
Support Staff 5 Posted by Sean Reilly on 31 Oct, 2018 03:02 PM
Hi Kevin,
You do need to regenerate the certificate every 90 days (I think that's the current time interval) but you wouldn't need to include your certificate in the extension. The letsencrypt CA certificate is included with most https clients which is all the client would need.
Thanks,
Sean
6 Posted by Kevin Stembridg... on 31 Oct, 2018 03:44 PM
ah, ok. Good to know.
Thanks very much.
System closed this discussion on 30 Jan, 2019 03:50 PM.