http://forums.visokio.com/discussions/tagged/https/feed.rss Mon, 30 Oct 17 14:27:37 -0400 Tagged with https - Visokio Forums en-CA http://forums.visokio.com/discussion/1365/security-ssl-certificate-error-use-your-trusted-certificate Wed, 07 Mar 2012 06:47:47 -0500 antonio 1365@/discussions "Server SSL error
The server you are connecting to does not have a valid certificate from an authorised authority".

This happens if the server certificate is not issued by certification authority, and it is self signed or issued by a private CMS.

If you trust the server, you can add the server certificate to your trusted Java key store, and allow Omniscope to use it as trusted and verified certificate.

The cause of the problem and solution are both well explained in this article.

Here are the steps to allow Omniscope to recognise and use your server certificate:

1. Use InstallCert tool
   - Get the InstallCert.java file from http://code.google.com/p/java-use-examples/source/browse/trunk/src/com/aw/ad/util/InstallCert.java
   - Compile the file using the "javac" command:
   javac InstallCert.java
   
   
2. Add your server certificate
   - Run InstallCert, with the server hostname and https port (if available), then press “1” when ask for input:
   java InstallCert myserver.com:8080
   - Check the process has finished and generated a file named “jssecacerts“ in the same folder you run the InstallCert tool.
   
   
3. Launch Omniscope with JVM parameter
   - See "Additional JVM arguments" here http://www.visokio.com/kb/installconfig .
   - Update your installconfig.properties file to have the following line:
   ADDITIONAL_JVM_ARGS=-Djavax.net.ssl.trustStore=c:\yourFolder\jssecacerts
   - Start Omniscope.
   

For the sake of simplicity, please find attached a zip file with the 2 InstallCert tool classes already compiled and ready to run.]]> http://forums.visokio.com/discussion/2991/content-view-access-to-css-stylesheets-from-https-server-v2.9s Mon, 17 Aug 2015 13:24:46 -0400 aknotts 2991@/discussions
In a new IOK report file/dashboard, we want to implement external CSS stylesheets for the Content view.

Given that the Content view cannot mix access to http: and https: resources, how can we incorporate remote CSS stylesheets (which are numerous) within the domain/reach of any browser connecting to the Omniscope Web Server's hosting folder?

In other words: can an Omniscope Web Server https: hosting folder contain a CSS stylesheets folder and if so, what would the URL address be?]]> http://forums.visokio.com/discussion/2358/security-web-server-ssl-configuration Mon, 30 Sep 2013 08:53:33 -0400 antonio 2358@/discussions keystore.jks.default).

If you want to use your own fully validated SSL certificate, you need to configure the path and the password of the keystore file containing the certificate.


To generate keys and certificates, follow one of these two guides:
Generate a Self Signed Certificate using Java Keytool
Generate a Trusted Certificate]]> http://forums.visokio.com/discussion/1034/https-certificate-error Tue, 04 Oct 2011 10:58:00 -0400 antonio 1034@/discussions
These errors might take different forms in different situations, such as:

• SSLHandshakeException
  
• FailedDownloadException
  
• “Publisher authenticity can not be verified”
  

When launching an Omniscope Online (WebStart) application, which involves clicking a Launch button in a web page, or opening a JNLP file, these errors might happen before Omniscope itself starts.

Or, these errors might happen if you start Omniscope and choose File > Open file > Open from web.

Likely causes

• If the website is using a self-signed certificate, Omniscope cannot access the site. This is because the certificate cannot be verified or trusted.
  
• If the website is using a correctly signed certificate, the server may be missing one of the certificates in the certification chain.
  

To check and diagnose problems with the SSL certificate used for a particular site, use a free online SSL testing tool (e.g. http://www.sslshopper.com/ssl-checker.html), to make sure it is correctly installed, valid, trusted and doesn't give any errors to any of your users.

In case of using the suggested tool, if it recognises there is a problem with your server (e.g. a missing certificate in the chain) it suggests a solution (e.g. "The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate." - note that from the point of view of this tool, “browsers” includes applications like Omniscope which connect to an HTTPS site).

Your server administrators (SharePoint or other) should be able to take this information and resolve the problem easily.]]>