SOLVED

How to install and configure AEM for SSL?

Level 3

Hello,

Can someone help me out with the steps to install and configure AEM 6.4 for SSL?

Thanks

Qamar

1 Accepted Solution

Correct answer by
Level 10
5 Replies

Level 3

Thanks Gauravb for the help. I will check and let you know if I find any difficulty in it.

Level 3

Hello Gaurav and other Friends,

A little late update on this query: I am now able to successfully run AEM author on an https domain site. Thank you to all.

I have developed the Java OSGi Maven bundle for my API services, and all methods are called successfully except myLogin.

My current problem is that I am able to call my doPost method of SlingAllMethodsServlet for the https request URL, but the following call

    // Requires org.apache.commons.httpclient.HttpClient and
    // org.apache.commons.httpclient.methods.PostMethod (commons-httpclient 3.1).
    PostMethod authRequest = new PostMethod(String.format("%s://%s:%s/j_security_check", PROTOCOL, HOST, PORT));
    authRequest.setParameter("j_username", username);
    authRequest.setParameter("j_password", password);
    authRequest.setParameter("j_validate", "true");
    // The TLS handshake, and the exception below, happens inside executeMethod.
    int status = client.executeMethod(authRequest);

gives the exception below.

Exception -------------------------------------------------------------------------------------------

org.apache.sling.engine.impl.SlingMainServlet service: Uncaught Problem handling the request
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at sun.security.ssl.Alerts.getSSLException(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
    at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
    at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
    at sun.security.ssl.Handshaker.processLoop(Unknown Source)
    at sun.security.ssl.Handshaker.process_record(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
    at sun.security.ssl.AppOutputStream.write(Unknown Source)
    at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
    at java.io.BufferedOutputStream.flush(Unknown Source)
    at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506) [com.day.commons.osgi.wrapper.commons-httpclient:3.1.0.018]
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) [com.day.commons.osgi.wrapper.commons-httpclient:3.1.0.018]
    at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) [com.day.commons.osgi.wrapper.commons-httpclient:3.1.0.018]
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) [com.day.commons.osgi.wrapper.commons-httpclient:3.1.0.018]
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) [com.day.commons.osgi.wrapper.commons-httpclient:3.1.0.018]
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) [com.day.commons.osgi.wrapper.commons-httpclient:3.1.0.018]
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) [com.day.commons.osgi.wrapper.commons-httpclient:3.1.0.018]

--------------------------------------------------------------------------

As a solution:

1. I have installed my domain certificate on both the dev machine and the dev server using the command below:

    keytool -import -noprompt -trustcacerts -alias ALIASNAME -file FILENAME_OF_THE_INSTALLED_CERTIFICATE -keystore PATH_TO_CACERTS_FILE -storepass PASSWORD

2. JDK version: JDK 1.8.0_162

3. Following one solution given in https://developer.salesforce.com/forums/?id=9060G000000BhSjQAK, I have upgraded the JRE version to 1.8.0_202, but still no luck.

Do I need to restart the AEM server, or the machine, after the JDK version upgrade?

Thanks

Qamar

Level 10

Could you share more details about your use case? Are you trying to connect to AEM from SFDC app or vice versa?

JDK1.8 is recommended for 6.4, minor versions won't matter.

Level 3

Hi, Gaurav thanks again for your reply,

I have resolved the issue in the case of the AEM https login from the OSGi Java bundle.

All you need to do is install your domain's SSL certificate in the JDK/JRE certificate list.

The instructions are given below. There are 2 options for doing this, and restarting the AEM server is a must.

#

    keytool -import -v -trustcacerts -alias <your domain> -file ~/<your domain>.crt -keystore <JAVA HOME>/jre/lib/security/cacerts -keypass changeit -storepass changeit

1. Replace <your domain> with your domain (e.g. xx.xxx.com)

2. Replace <JAVA HOME> with your Java home directory

#

---------------------------------------

Option 1:

1. Go to the AEM site while logged in and click on the lock icon in the browser.

2. Click on Valid Certificate and select the Details tab.

3. Choose the Copy to File button and select the Base64 file type.

4. Click Next and save it on the desktop or in any other folder.

5. After saving, go to the mw.cer file and just install it.

6. Go to the command prompt and change directory to C:\Program Files\Java\jre1.8.0_121\bin

7. Check the available certificates and note the count at the start.

To see the list:

    keytool -list -keystore "C:\Program Files\Java\jre1.8.0_121\lib\security\cacerts"

8. Then run the command below, setting -alias, -file and -keystore, with the default password changeit:

    keytool -importcert -v -trustcacerts -alias xx.xxx.com -file "C:\Users\administrator\Desktop\xxx.cer" -keystore "C:\Program Files\Java\jre1.8.0_121\lib\security\cacerts" -storepass changeit

9. When the command prompts about installing the certificate, type yes and press Enter.

10. Now run keytool -list -keystore again and check the certificate count again.

11. Restart the AEM server.

Option 2:

1) Download the InstallCert.java file from https://drive.google.com/file/d/1T3w9BYWVg6wrkSrCXFh77MoAykCeRcQ4/view

or found with this file.

2) Compile the file using the command below. Note: if the command is not recognized, go to the JDK bin folder and then compile.

    javac InstallCert.java

3) Add the trusted keystore:

    C:\User\MyUser>java InstallCert xx.xxx.com or xx.xxx.com:443

4) Copy jssecacerts: copy the generated jssecacerts file to the $JAVA_HOME/jre/lib/security folder.

5) Restart the AEM server.

Thanks

Qamar