Expand my Community achievements bar.

SOLVED

FileVault over https for AEM 6.1

Avatar

Level 2

Hi,

i am unable to sync contents via filevault over https , however over http it works fine. Any idea how to fix the issue over https?

below is the exception

javax.jcr.RepositoryException: URL scheme https not supported. only http

Help is appreciated!

Thanks,

Chaitan

1 Accepted Solution

Avatar

Correct answer by
Level 10

Log a feature enhancement ticket - say you need this to work using HTTPS protocol.

View solution in original post

8 Replies

Avatar

Level 10

Looking at the doc and communities articles -- such as: CQ-OPS - CQ's FileVault Tool vlt - How to Convert JCR...  - it does not like Https is supported.

Avatar

Level 2

Is there any fix coming up future release ? any workaround ?

Avatar

Correct answer by
Level 10

Log a feature enhancement ticket - say you need this to work using HTTPS protocol.

Avatar

Level 2

okay thanks for your reply. Is there any workaround for current AEM versions that you are aware of ?

Avatar

Level 1

Same here as well - trying to copy content between two repositories but all traffic is only through SSL so our vlt rcp jobs are failing.

But the release notes for VLT RCP says

jackrabbit-filevault/RELEASE-NOTES.txt at trunk · apache/jackrabbit-filevault · GitHub

Changes in Jackrabbit FileVault 3.1.24
--------------------------------------
Bug Fixes:
* [JCRVLT-91] - HTTPS Support for CLI

FishEye: changeset 1678848

[JCRVLT-91] HTTPS Support - ASF JIRA

The error I get is

[ERROR] Error while retrieving src repository https://hostname:port/crx/server/-/jcr:root/etc: javax.jcr.RepositoryException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Avatar

Employee Advisor

This exception means that it is not possible to validate the server certificate. You should provide matching CA certificates so you can validate the server certificate. This is not specific to AEM.

kind regards,
Jörg

Avatar

Level 1

Hi Jörg,

Thanks for getting back. Jörg, you are right it's not AEM related though.

I used the vlt rcp command

sh vlt rcp -r https://username:password@hostname:4502/crx/-/jcr:root/content/dam/test https://username:password@hostname:4502/crx/-/jcr:root/content/dam/test

How do I pass the CA certificates along with the vlt rcp command is probably my question and am sure it's not AEM related, but definitely something to do with how we use the vlt rcp tool particularly through https.

I guess everyone in this thread is along the same as I do struggling to sync content between two repositories via https.

You response and findings would be much helpful for the community.

Thanks Jörg

Avatar

Employee Advisor

Hi,

first you need to create a keystore and add all relevant certificates to it. See Working with Certificates and SSL (Sun Java System Application Server Platform Edition 8.2 Administr...  for some details (especially how to use the keytool program). You probably want to omit the passphrase/password for this (local) keystore.

When you have created a keystore, you can make Java use this keystore with these command line parameters:

-Djavax.net.ssl.keyStore=/path/to/the/keystore.file

-Djavax.net.ssl.trustStore=/path/to/the/keystore.file

When you use maven, you should add these settings to the MAVEN_OPTS environment variable; on Mac/Linux it can look like this:

$ MAVEN_OPTS="-Djavax.net.ssl.keyStore=/path/to/the/keystore.file -Djavax.net.ssl.trustStore=/path/to/the/keystore.file" mvn clean install

kind regards,
Jörg