Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting error "unable to find valid certification path" and question about what should be returned from the provider #221

Open
jorvis opened this issue Feb 13, 2023 · 1 comment
Open

Getting error "unable to find valid certification path" and question about what should be returned from the provider #221

jorvis opened this issue Feb 13, 2023 · 1 comment
Labels
bug Something isn't working

Comments

@jorvis
Copy link

jorvis commented Feb 13, 2023

Trying to register a namespace but having two issues.

  1. Under "Provider details" when defining Home URL I enter "https://umgear.org" and am getting this error:

Checking 'https://umgear.org' caused an error: 'sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target'
2. Under "Namespace Details" when I enter the Sample Id I get this error:

Id 'd.a59037e8' does not exist in 'https://umgear.org/p?id=d.a59037e8'

But that resolves just as it should on our site. Should it instead be returning some JSON structure or something?
@jorvis jorvis mentioned this issue Feb 13, 2023
Closed
3 tasks
@renatocjn
Copy link
Member

Hello, sorry for the delay, I'm suspecting that it may be an issue with the page's certificate's and the restrictions on the backend verifier.

I'm not super familiar with SSL certificates but apparently, there is an issue with the verification chain.

$ openssl s_client -verify 32 -connect umgear.org:443
verify depth is 32
CONNECTED(00000005)
depth=0 CN = *.umgear.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = *.umgear.org
verify error:num=21:unable to verify the first certificate
verify return:1
write W BLOCK
---
Certificate chain
 0 s:/CN=*.umgear.org
   i:/C=US/O=DigiCert Inc/CN=RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
 2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=RapidSSL RSA CA 2018
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
### More after this but it is unnecessary for this.

I also updated the container's certificates since the image is quite old but the problem persists. Could you check if this also happens on your end?

If there is no issue with the certificates I guess it is a problem with the verification backend like in #209.

@renatocjn renatocjn added the bug Something isn't working label Feb 15, 2023
@ivanmicetic ivanmicetic mentioned this issue Dec 6, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jorvis @renatocjn