Tomcat end-point Client certificate issue

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Tomcat end-point Client certificate issue

jonmcalexander
Hey everybody,

Anyone run into an error or warning like this before? App team is using Tomcat 9.0.37.

<Redacted some info in warning>

[05/02/2021 14:34:14:702 ] [] WARN  com.xxxxxxxx.xxxx.xxxxxxx.SearchCriteriaEnhancedController SearchCriteriaEnhancedAction::actionExecute CAS Query WS returned Fault. Details:   FaultCode='Server.InternalError' FaultReasonText='Unable to CAAPI validate certificate - array null' FaultActor='1CAV' AdviceText='null' FaultSubcode='null' TechnicalText='org.apache.commons.httpclient.auth.AuthenticationException: Unable to CAAPI validate certificate - array null' Severity='ERROR' FaultType='SYSTEM' EmbeddedException='null'

Thanks,


Dream * Excel * Explore * Inspire
Jon McAlexander
Infrastructure Engineer
Asst Vice President

Middleware Product Engineering
Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

[hidden email]<mailto:[hidden email]>

Upcoming PTO: 10/30/2020, 11/6/2020, 11/13/2020, 11/20/2020, 11/27/2020, 12/2/2020, 12/4/2020, 12/11/2020, 12/18/2020, 12/28/2020, 12/29/2020, 12/30/2020, 12/31/2020
This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.

Reply | Threaded
Open this post in threaded view
|

Re: Tomcat end-point Client certificate issue

markt
On 05/02/2021 22:47, [hidden email] wrote:
> Hey everybody,
>
> Anyone run into an error or warning like this before? App team is using Tomcat 9.0.37.
>
> <Redacted some info in warning>
>
> [05/02/2021 14:34:14:702 ] [] WARN  com.xxxxxxxx.xxxx.xxxxxxx.SearchCriteriaEnhancedController SearchCriteriaEnhancedAction::actionExecute CAS Query WS returned Fault. Details:   FaultCode='Server.InternalError' FaultReasonText='Unable to CAAPI validate certificate - array null' FaultActor='1CAV' AdviceText='null' FaultSubcode='null' TechnicalText='org.apache.commons.httpclient.auth.AuthenticationException: Unable to CAAPI validate certificate - array null' Severity='ERROR' FaultType='SYSTEM' EmbeddedException='null'

If this is an error message logged on Tomcat from a CAS installation
that failed to validate a client certificate I'd guess that the client
certificate chain wasn't available. Maybe because TLS session tickets
were being used?

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: Tomcat end-point Client certificate issue

jonmcalexander
I will check with the development team.

Thanks,

Dream * Excel * Explore * Inspire
Jon McAlexander
Infrastructure Engineer
Asst Vice President

Middleware Product Engineering
Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

[hidden email]

Upcoming PTO: 10/30/2020, 11/6/2020, 11/13/2020, 11/20/2020, 11/27/2020, 12/2/2020, 12/4/2020, 12/11/2020, 12/18/2020, 12/28/2020, 12/29/2020, 12/30/2020, 12/31/2020
This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.

> -----Original Message-----
> From: Mark Thomas <[hidden email]>
> Sent: Saturday, February 6, 2021 2:38 AM
> To: [hidden email]
> Subject: Re: Tomcat end-point Client certificate issue
>
> On 05/02/2021 22:47, [hidden email] wrote:
> > Hey everybody,
> >
> > Anyone run into an error or warning like this before? App team is using Tomcat
> 9.0.37.
> >
> > <Redacted some info in warning>
> >
> > [05/02/2021 14:34:14:702 ] [] WARN
> com.xxxxxxxx.xxxx.xxxxxxx.SearchCriteriaEnhancedController
> SearchCriteriaEnhancedAction::actionExecute CAS Query WS returned Fault.
> Details:   FaultCode='Server.InternalError' FaultReasonText='Unable to CAAPI
> validate certificate - array null' FaultActor='1CAV' AdviceText='null'
> FaultSubcode='null'
> TechnicalText='org.apache.commons.httpclient.auth.AuthenticationException:
> Unable to CAAPI validate certificate - array null' Severity='ERROR'
> FaultType='SYSTEM' EmbeddedException='null'
>
> If this is an error message logged on Tomcat from a CAS installation that failed
> to validate a client certificate I'd guess that the client certificate chain wasn't
> available. Maybe because TLS session tickets were being used?
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: Tomcat end-point Client certificate issue

jonmcalexander
In reply to this post by markt
­They responded they are not using TLS session tickets, not to their knowledge.


Sent with BlackBerry Work (www.blackberry.com)
________________________________
From: Mark Thomas <[hidden email]>
Sent: Feb 6, 2021 2:39 AM
To: [hidden email]
Subject: Re: Tomcat end-point Client certificate issue

On 05/02/2021 22:47, [hidden email] wrote:
> Hey everybody,
>
> Anyone run into an error or warning like this before? App team is using Tomcat 9.0.37.
>
> <Redacted some info in warning>
>
> [05/02/2021 14:34:14:702 ] [] WARN  com.xxxxxxxx.xxxx.xxxxxxx.SearchCriteriaEnhancedController SearchCriteriaEnhancedAction::actionExecute CAS Query WS returned Fault. Details:   FaultCode='Server.InternalError' FaultReasonText='Unable to CAAPI validate certificate - array null' FaultActor='1CAV' AdviceText='null' FaultSubcode='null' TechnicalText='org.apache.commons.httpclient.auth.AuthenticationException: Unable to CAAPI validate certificate - array null' Severity='ERROR' FaultType='SYSTEM' EmbeddedException='null'

If this is an error message logged on Tomcat from a CAS installation
that failed to validate a client certificate I'd guess that the client
certificate chain wasn't available. Maybe because TLS session tickets
were being used?

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]