-
Type:
Improvement
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Won't Fix
-
Affects Version/s: 10.10
-
Fix Version/s: None
-
Component/s: Automation
-
Tags:
-
Backlog priority:650
When someone enables SSL authentication in Nuxeo and then tries to use Nuxeo Shell, based on Automation client, with the command like
java -cp nuxeo-shell-10.10.jar -Djavax.net.ssl.trustStore=/nuxeo/appl/truststore/cacertsET -Djavax.net.ssl.trustStorePassword=changeit org.nuxeo.shell.Main -e "connect -u xxx -p yyy https://localhost:8443/nuxeo/site/automation; script /nuxeo/appl/nuxeo10.10/client/scripts/deleteOrphanBinaries.groovy"
this error is thrown
Exception in thread "main" org.nuxeo.shell.ShellException: Failed to connect to [https://localhost:8443/nuxeo/site/automation]
at org.nuxeo.shell.automation.cmds.Connect.run(Connect.java:77)
at org.nuxeo.shell.Shell.run(Shell.java:497)
at org.nuxeo.shell.Shell.run(Shell.java:492)
at org.nuxeo.shell.Shell.runBatch(Shell.java:481)
at org.nuxeo.shell.Shell.main(Shell.java:270)
at org.nuxeo.shell.Main.main(Main.java:27)
Caused by: java.lang.RuntimeException: Cannot execute \{Authorization=Basic RFJNRVRMOkQwY3VtZW50dW0wMQ==, Accept=application/json+nxautomation}
at org.nuxeo.ecm.automation.client.jaxrs.impl.HttpConnector.execute(HttpConnector.java:128)
at org.nuxeo.ecm.automation.client.jaxrs.spi.ConnectorHandler.execute(ConnectorHandler.java:37)
at org.nuxeo.ecm.automation.client.jaxrs.spi.AbstractAutomationClient.connect(AbstractAutomationClient.java:118)
at org.nuxeo.ecm.automation.client.jaxrs.spi.AbstractAutomationClient.getSession(AbstractAutomationClient.java:143)
at org.nuxeo.ecm.automation.client.jaxrs.spi.AbstractAutomationClient.getSession(AbstractAutomationClient.java:163)
at org.nuxeo.ecm.automation.client.jaxrs.spi.AbstractAutomationClient.getSession(AbstractAutomationClient.java:154)
at org.nuxeo.shell.automation.AutomationFeature.connect(AutomationFeature.java:67)
at org.nuxeo.shell.automation.cmds.Connect.run(Connect.java:73)
... 5 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
at com.ibm.jsse2.k.a(k.java:35)
at com.ibm.jsse2.at.a(at.java:279)
at com.ibm.jsse2.D.a(D.java:399)
at com.ibm.jsse2.D.a(D.java:556)
at com.ibm.jsse2.E.a(E.java:60)
at com.ibm.jsse2.E.a(E.java:541)
at com.ibm.jsse2.D.r(D.java:278)
at com.ibm.jsse2.D.a(D.java:228)
at com.ibm.jsse2.at.a(at.java:263)
at com.ibm.jsse2.at.i(at.java:920)
at com.ibm.jsse2.at.a(at.java:206)
at com.ibm.jsse2.at.startHandshake(at.java:816)
at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:573)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:557)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:414)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:326)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:835)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
at org.nuxeo.ecm.automation.client.jaxrs.impl.HttpConnector.executeRequestWithTimeout(HttpConnector.java:160)
at org.nuxeo.ecm.automation.client.jaxrs.impl.HttpConnector.execute(HttpConnector.java:138)
at org.nuxeo.ecm.automation.client.jaxrs.impl.HttpConnector.execute(HttpConnector.java:126)
... 12 more
Caused by: java.security.cert.CertificateException: No X509TrustManager implementation available
at com.ibm.jsse2.aA.checkServerTrusted(aA.java:8)
at com.ibm.jsse2.E.a(E.java:483)
... 32 more
The HttpClient object instanciated by the Automation client does not seem to enable the SSL context