Results 1 to 9 of 9

Thread: Issue syncing Zimbra - Funambol with SSL

  1. #1
    ccelis5215 is offline Elite Member
    Join Date
    Jun 2011
    Location
    Caracas Venezuela
    Posts
    470
    Rep Power
    4

    Default Issue syncing Zimbra - Funambol with SSL

    After configured Funambol and tried sync Zimbra i've received this messages in ds-server.log.

    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.securi
    ty.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(U nknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Un known Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Un known Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.proc essMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoo p(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_re cord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(Unknown Source)
    at sun.net.http://www.protocol.https.HttpsClien...onnect(Unknown Source)
    at sun.net.http://www.protocol.https.AbstractDe...onnect(Unknown Source)
    at sun.net.http://www.protocol.http.HttpURLConn...Stream(Unknown Source)
    at sun.net.http://www.protocol.https.HttpsURLCo...Stream(Unknown Source)
    at ru.korusconsulting.connector.base.ZimbraPort.sendR equest(ZimbraPort.java:624)
    at ru.korusconsulting.connector.base.ZimbraPort.reque stAutorization(ZimbraPort.java:140)
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.commonSync(ZimbraSyncSource.java:121)
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.beginSync(ZimbraSyncSource.java:102)
    at ru.korusconsulting.connector.funambol.ContactSyncS ource.beginSync(ContactSyncSource.java:40)
    at com.funambol.server.engine.Sync4jEngine.sync(Sync4 jEngine.java:610)
    at com.funambol.server.session.SyncSessionHandler.pro cessModifications(SyncSessionHandler.java:1655)
    at com.funambol.server.session.SyncSessionHandler.pro cessSyncMessage(SyncSessionHandler.java:1499)
    at com.funambol.server.session.SyncSessionHandler.pro cessInitSyncMapMessage(SyncSessionHandler.java:960 )
    at com.funambol.server.session.SyncSessionHandler.pro cessMessage(SyncSessionHandler.java:527)
    at com.funambol.server.engine.SyncAdapter.processInpu tMessage(SyncAdapter.java:491)
    at com.funambol.server.engine.SyncAdapter.processMess age(SyncAdapter.java:442)
    at com.funambol.server.engine.SyncAdapter.processXMLM essage(SyncAdapter.java:218)
    at com.funambol.transport.http.server.LocalSyncHolder .processXMLMessage(LocalSyncHolder.java:97)
    at com.funambol.transport.http.server.Sync4jServlet.d oPost(Sync4jServlet.java:400)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:710)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:803)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilt

  2. #2
    ccelis5215 is offline Elite Member
    Join Date
    Jun 2011
    Location
    Caracas Venezuela
    Posts
    470
    Rep Power
    4

    Default Solved

    I import certificates fom Zimbra.

  3. #3
    wajdi.ayari is offline Starter Member
    Join Date
    Dec 2011
    Posts
    2
    Rep Power
    3

    Default Syncing Zimbra and funambol with SSL

    Hi,
    I've installed Zimbra 7 opensource edition on ubuntu 10.04 server.
    I only activated HTTPS connexion to my server. when i tried to sync funambol with Zimbra after importing zimbra certification on funambol like this

    sudo cp [zimbra]/java/jre/lib/security/cacerts [funambol]/ds-server/lib/security
    sudo [funambol]/bin/funambol stop ; sudo [funambol]/bin/funambol start

    but it generates this error


    [2011-12-01 11:35:09,031] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [] [] [] Handling incoming request
    [2011-12-01 11:35:09,032] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [] [] [] Request URL: http://192.168.1.115:8080/funambol/ds
    [2011-12-01 11:35:09,032] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [] [] [] Requested sessionId: null
    [2011-12-01 11:35:09,453] [funambol.handler] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] admin@iresa.tn/fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy logged in.
    [2011-12-01 11:35:09,806] [funambol.handler] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] moving to state: STATE_PKG1_RECEIVING
    [2011-12-01 11:35:09,813] [funambol.zimbra] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] LOAD ZimbraConnector 0.6.02
    [2011-12-01 11:35:09,817] [funambol.handler] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] moving to state: STATE_PKG3_RECEIVING
    [2011-12-01 11:35:09,820] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Request processed.
    [2011-12-01 11:35:11,058] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Handling incoming request
    [2011-12-01 11:35:11,058] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Request URL: http://192.168.1.115:8080/funambol/ds
    [2011-12-01 11:35:11,058] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Requested sessionId: DFB3C97DEDE68024A32C80DB38CA66D6
    [2011-12-01 11:35:11,064] [funambol.engine] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Starting synchronization ...
    [2011-12-01 11:35:11,076] [funambol.zimbra] [ERROR] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [card] I/O Error
    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(U nknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Un known Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Un known Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.proc essMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoo p(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_re cord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(Unknown Source)
    at sun.net.http://www.protocol.https.HttpsClien...onnect(Unknown Source)
    at sun.net.http://www.protocol.https.AbstractDe...onnect(Unknown Source)
    at sun.net.http://www.protocol.http.HttpURLConn...Stream(Unknown Source)
    at sun.net.http://www.protocol.https.HttpsURLCo...Stream(Unknown Source)
    at ru.korusconsulting.connector.base.ZimbraPort.sendR equest(ZimbraPort.java:624)
    at ru.korusconsulting.connector.base.ZimbraPort.reque stAutorization(ZimbraPort.java:140)
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.commonSync(ZimbraSyncSource.java:121)
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.beginSync(ZimbraSyncSource.java:102)
    at ru.korusconsulting.connector.funambol.ContactSyncS ource.beginSync(ContactSyncSource.java:40)
    at com.funambol.server.engine.Sync4jEngine.sync(Sync4 jEngine.java:610)
    at com.funambol.server.session.SyncSessionHandler.pro cessModifications(SyncSessionHandler.java:1655)
    at com.funambol.server.session.SyncSessionHandler.pro cessSyncMessage(SyncSessionHandler.java:1499)
    at com.funambol.server.session.SyncSessionHandler.pro cessInitSyncMapMessage(SyncSessionHandler.java:960 )
    at com.funambol.server.session.SyncSessionHandler.pro cessMessage(SyncSessionHandler.java:527)
    at com.funambol.server.engine.SyncAdapter.processInpu tMessage(SyncAdapter.java:491)
    at com.funambol.server.engine.SyncAdapter.processMess age(SyncAdapter.java:442)
    at com.funambol.server.engine.SyncAdapter.processXMLM essage(SyncAdapter.java:218)
    at com.funambol.transport.http.server.LocalSyncHolder .processXMLMessage(LocalSyncHolder.java:97)
    at com.funambol.transport.http.server.Sync4jServlet.d oPost(Sync4jServlet.java:400)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:710)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:803)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at com.funambol.transport.http.server.LogContextFilte r.doFilter(LogContextFilter.java:137)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at com.funambol.transport.http.server.SyncResponseTim eFilter.doFilter(SyncResponseTimeFilter.java:151)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:175)
    at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:128)
    at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:286)
    at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:844)
    at org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.process(Http11Protocol.java:583)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run( JIoEndpoint.java:447)
    at java.lang.Thread.run(Unknown Source)
    Caused by: java.security.cert.CertificateException: No subject alternative names present
    at sun.security.util.HostnameChecker.matchIP(Unknown Source)
    at sun.security.util.HostnameChecker.match(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkIdentity(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkServerTrusted(Unknown Source)
    ... 47 more
    [2011-12-01 11:35:11,077] [funambol.engine] [ERROR] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [card] Error starting the sync
    com.funambol.framework.engine.source.SyncSourceExc eption: Access denied, check userName and Password
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.commonSync(ZimbraSyncSource.java:124)
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.beginSync(ZimbraSyncSource.java:102)
    at ru.korusconsulting.connector.funambol.ContactSyncS ource.beginSync(ContactSyncSource.java:40)
    at com.funambol.server.engine.Sync4jEngine.sync(Sync4 jEngine.java:610)
    at com.funambol.server.session.SyncSessionHandler.pro cessModifications(SyncSessionHandler.java:1655)
    at com.funambol.server.session.SyncSessionHandler.pro cessSyncMessage(SyncSessionHandler.java:1499)
    at com.funambol.server.session.SyncSessionHandler.pro cessInitSyncMapMessage(SyncSessionHandler.java:960 )
    at com.funambol.server.session.SyncSessionHandler.pro cessMessage(SyncSessionHandler.java:527)
    at com.funambol.server.engine.SyncAdapter.processInpu tMessage(SyncAdapter.java:491)
    at com.funambol.server.engine.SyncAdapter.processMess age(SyncAdapter.java:442)
    at com.funambol.server.engine.SyncAdapter.processXMLM essage(SyncAdapter.java:218)
    at com.funambol.transport.http.server.LocalSyncHolder .processXMLMessage(LocalSyncHolder.java:97)
    at com.funambol.transport.http.server.Sync4jServlet.d oPost(Sync4jServlet.java:400)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:710)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:803)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at com.funambol.transport.http.server.LogContextFilte r.doFilter(LogContextFilter.java:137)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at com.funambol.transport.http.server.SyncResponseTim eFilter.doFilter(SyncResponseTimeFilter.java:151)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:175)
    at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:128)
    at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:286)
    at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:844)
    at org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.process(Http11Protocol.java:583)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run( JIoEndpoint.java:447)
    at java.lang.Thread.run(Unknown Source)
    [2011-12-01 11:35:11,078] [funambol.handler] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] moving to state: STATE_ERROR [All datastores are in error]
    [2011-12-01 11:35:11,078] [funambol.engine.source] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [card] card: 0 new items added, 0 existing items updated, 0 items deleted.
    [2011-12-01 11:35:11,078] [funambol.handler] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] moving to state: STATE_ERROR [Session aborted with status code: PROCESSING ERROR]
    [2011-12-01 11:35:11,078] [funambol.handler] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] moving to state: STATE_ENDED
    [2011-12-01 11:35:11,078] [funambol.handler] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Synchronization completed with error(s)
    [2011-12-01 11:35:11,081] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Request processed.
    [2011-12-01 11:35:11,081] [funambol.transport.http] [INFO] [DFB3C97DEDE68024A32C80DB38CA66D6] [192.168.1.17] [fol-V0lORE9XUy01NkI5QUUzOkFkbWluaXN0cmF0ZXVy] [admin@iresa.tn] [] Closing session DFB3C97DEDE68024A32C80DB38CA66D6


    and on Funambol client i got a msg asking me to verify the username and password even they are the right ones

    thank you for your help

  4. #4
    ccelis5215 is offline Elite Member
    Join Date
    Jun 2011
    Location
    Caracas Venezuela
    Posts
    470
    Rep Power
    4

    Default

    Hi,

    I've seen that you are using http://192.168.1.115:8080/funambol/ds instead of https://192.168.1.115:8080/funambol/ds in the remote devices.

    This works using the autosigned Zimbra certificate

    cd /opt/Funambol/ds-server/lib/security

    copy the Zimbra certificate in /opt/Funambol/ds-server/lib/security

    -- Import the zimbra certificate into Funambol keystore and then copy so all services use the same

    keytool -import -file ca.pem -alias zimbrakey -keypass funambol -storepass funambol

    cp /root/.keystore /opt/Funambol/ds-server/lib/security/cacerts

    cp /root/.keystore /opt/Funambol/tools/jre-1.6.0/jre/lib/security/cacerts

    cp /root/.keystore /opt/Funambol/config/com/funambol/server/security/cacerts

    cp /root/.keystore /opt/Funambol/inbox-listener/lib/security/cacerts


    Restart Funambol services and the syncs should take place.

    Regards.
    Last edited by ccelis5215; 12-08-2011 at 02:07 PM.

  5. #5
    wajdi.ayari is offline Starter Member
    Join Date
    Dec 2011
    Posts
    2
    Rep Power
    3

    Thumbs up Solved:

    hi, thank you for your reply it was so helpful
    the only thing i needed is to copy the /root/.keystore in the directory you have mentioned
    Now it works perfectly

  6. #6
    Sam159 is offline Senior Member
    Join Date
    Jan 2012
    Posts
    69
    Rep Power
    3

    Default

    Quote Originally Posted by ccelis5215 View Post
    Hi,

    I've seen that you are using http://192.168.1.115:8080/funambol/ds instead of https://192.168.1.115:8080/funambol/ds in the remote devices.

    This works using the autosigned Zimbra certificate

    cd /opt/Funambol/ds-server/lib/security

    copy the Zimbra certificate in /opt/Funambol/ds-server/lib/security

    -- Import the zimbra certificate into Funambol keystore and then copy so all services use the same

    keytool -import -file ca.pem -alias zimbrakey -keypass funambol -storepass funambol

    cp /root/.keystore /opt/Funambol/ds-server/lib/security/cacerts

    cp /root/.keystore /opt/Funambol/tools/jre-1.6.0/jre/lib/security/cacerts

    cp /root/.keystore /opt/Funambol/config/com/funambol/server/security/cacerts

    cp /root/.keystore /opt/Funambol/inbox-listener/lib/security/cacerts


    Restart Funambol services and the syncs should take place.

    Regards.
    I don't have a ca.pem file.. I only have .crt files, i imported them in zimbra. So what should I do to make it work with funambol?

  7. #7
    ccelis5215 is offline Elite Member
    Join Date
    Jun 2011
    Location
    Caracas Venezuela
    Posts
    470
    Rep Power
    4

    Default

    Hi SAM159,

    In my tests with Funambol i just used the autosigned Zimbra certs.

    But, as far i understand, you just need to import your Zimbra cert into the keystore used by Funambol.

    Sorry for no have provide you a HOW-TO.

    Try googling "Funambol HTTPS"...

    Regards.

  8. #8
    Sam159 is offline Senior Member
    Join Date
    Jan 2012
    Posts
    69
    Rep Power
    3

    Default

    Quote Originally Posted by ccelis5215 View Post
    Hi SAM159,

    In my tests with Funambol i just used the autosigned Zimbra certs.

    But, as far i understand, you just need to import your Zimbra cert into the keystore used by Funambol.

    Sorry for no have provide you a HOW-TO.

    Try googling "Funambol HTTPS"...

    Regards.
    I tried everything but every time I have access denied (in my funambol logs)

    Zimbra with my certificates works perfect. But syncing between funambol and zimbra over https doesn't work...

  9. #9
    Sam159 is offline Senior Member
    Join Date
    Jan 2012
    Posts
    69
    Rep Power
    3

    Default

    Still not solved, my ds-server log:

    javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address 10.1.1.60 found
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(U nknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Un known Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Un known Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(Unknown Source)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.proc essMessage(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoo p(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_re cord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(Unknown Source)
    at sun.net.http://www.protocol.https.HttpsClien...onnect(Unknown Source)
    at sun.net.http://www.protocol.https.AbstractDe...onnect(Unknown Source)
    at sun.net.http://www.protocol.http.HttpURLConn...Stream(Unknown Source)
    at sun.net.http://www.protocol.https.HttpsURLCo...Stream(Unknown Source)
    at ru.korusconsulting.connector.base.ZimbraPort.sendR equest(ZimbraPort.java:624)
    at ru.korusconsulting.connector.base.ZimbraPort.reque stAutorization(ZimbraPort.java:140)
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.commonSync(ZimbraSyncSource.java:121)
    at ru.korusconsulting.connector.funambol.ZimbraSyncSo urce.beginSync(ZimbraSyncSource.java:102)
    at ru.korusconsulting.connector.funambol.ContactSyncS ource.beginSync(ContactSyncSource.java:40)
    at com.funambol.server.engine.Sync4jEngine.sync(Sync4 jEngine.java:610)
    at com.funambol.server.session.SyncSessionHandler.pro cessModifications(SyncSessionHandler.java:1655)
    at com.funambol.server.session.SyncSessionHandler.pro cessSyncMessage(SyncSessionHandler.java:1499)
    at com.funambol.server.session.SyncSessionHandler.pro cessInitSyncMapMessage(SyncSessionHandler.java:960 )
    at com.funambol.server.session.SyncSessionHandler.pro cessMessage(SyncSessionHandler.java:527)
    at com.funambol.server.engine.SyncAdapter.processInpu tMessage(SyncAdapter.java:491)
    at com.funambol.server.engine.SyncAdapter.processMess age(SyncAdapter.java:442)
    at com.funambol.server.engine.SyncAdapter.processXMLM essage(SyncAdapter.java:218)
    at com.funambol.transport.http.server.LocalSyncHolder .processXMLMessage(LocalSyncHolder.java:97)
    at com.funambol.transport.http.server.Sync4jServlet.d oPost(Sync4jServlet.java:400)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:710)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:803)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at com.funambol.transport.http.server.LogContextFilte r.doFilter(LogContextFilter.java:137)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at com.funambol.transport.http.server.SyncResponseTim eFilter.doFilter(SyncResponseTimeFilter.java:151)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:175)
    at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:128)
    at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:286)
    at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:844)
    at org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.process(Http11Protocol.java:583)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run( JIoEndpoint.java:447)
    at java.lang.Thread.run(Unknown Source)
    Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address 10.1.1.60 found
    at sun.security.util.HostnameChecker.matchIP(Unknown Source)
    at sun.security.util.HostnameChecker.match(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkIdentity(Unknown Source)
    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkServerTrusted(Unknown Source)
    ... 47 more
    [2012-01-26 14:27:26,267] [funambol.engine] [ERROR] [D5991E4097D2785DE93D5ACD97BE39E3] [10.1.1.51] [fol-U0FNLVBDOnNhbWhhc3Q=] [samhast@zimbrahaco.hacotekdomein.com] [card] Error starting the sync
    com.funambol.framework.engine.source.SyncSourceExce ption: Access denied, check userName and Password

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. ZCS7 Beta only Listens on IPv6
    By tobru in forum Installation
    Replies: 2
    Last Post: 03-25-2011, 03:31 AM
  2. fatal: parameter "smtpd_recipient_restrictions"
    By Robin in forum Administrators
    Replies: 8
    Last Post: 12-22-2010, 05:48 AM
  3. Replies: 21
    Last Post: 02-04-2010, 10:06 AM
  4. /tmp filling
    By Nutz in forum Administrators
    Replies: 8
    Last Post: 02-22-2008, 02:00 AM
  5. Unable to start tomcat
    By chanck in forum Administrators
    Replies: 11
    Last Post: 06-11-2006, 12:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •