Adobe Experience Manager Sites & More

Is there any fix coming up future release ? any workaround ?

okay thanks for your reply. Is there any workaround for current AEM versions that you are aware of ?

Same here as well - trying to copy content between two repositories but all traffic is only through SSL so our vlt rcp jobs are failing.

But the release notes for VLT RCP says

jackrabbit-filevault/RELEASE-NOTES.txt at trunk · apache/jackrabbit-filevault · GitHub

FishEye: changeset 1678848

[JCRVLT-91] HTTPS Support - ASF JIRA

The error I get is

[ERROR] Error while retrieving src repository https://hostname:port/crx/server/-/jcr:root/etc: javax.jcr.RepositoryException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

This exception means that it is not possible to validate the server certificate. You should provide matching CA certificates so you can validate the server certificate. This is not specific to AEM.

kind regards,
Jörg

Hi Jörg,

Thanks for getting back. Jörg, you are right it's not AEM related though.

I used the vlt rcp command

sh vlt rcp -r https://username:password@hostname:4502/crx/-/jcr:root/content/dam/test https://username:password@hostname:4502/crx/-/jcr:root/content/dam/test

How do I pass the CA certificates along with the vlt rcp command is probably my question and am sure it's not AEM related, but definitely something to do with how we use the vlt rcp tool particularly through https.

I guess everyone in this thread is along the same as I do struggling to sync content between two repositories via https.

You response and findings would be much helpful for the community.

Thanks Jörg

Hi,

first you need to create a keystore and add all relevant certificates to it. See Working with Certificates and SSL (Sun Java System Application Server Platform Edition 8.2 Administr...  for some details (especially how to use the keytool program). You probably want to omit the passphrase/password for this (local) keystore.

When you have created a keystore, you can make Java use this keystore with these command line parameters:

-Djavax.net.ssl.keyStore=/path/to/the/keystore.file

-Djavax.net.ssl.trustStore=/path/to/the/keystore.file

When you use maven, you should add these settings to the MAVEN_OPTS environment variable; on Mac/Linux it can look like this:

$ MAVEN_OPTS="-Djavax.net.ssl.keyStore=/path/to/the/keystore.file -Djavax.net.ssl.trustStore=/path/to/the/keystore.file" mvn clean install

kind regards,
Jörg