You have an HTTPS Clarity 15.9.3 setup on Linux and HTTPS Jaspersoft setup and communicating with Clarity over HTTPS. Both web applications are reachable via HTTPS and HTTPS and working on the server and between Jaspersoft and Clarity. You are trying to get the XOG client and XOGin a gel script to work over HTTPS.
When running the XOG client on the Clarity application server, you get the following errors:
XOG Invoke Failed
With ssl debug on in xog you get additional errors:
X509Authentication - No X.509 cert selected for EC, RSA, RSASSA-PSS, DSA.
When running a XOG within a gel script (the same script works over HTTP) you get this error:
PKIX path building failed, unable to find valid certification path to requested target.
When running the XOG client on a windows computer that can connect to the Clarity HTTPS web app via the browser You get the following errors:
Xog Invoke Failed
For the XOG client on the server, how does it know what certificate to send and where does it get it from? Does it use the same one in NSA? Do you need to put something in Java to specify the private key?
For the XOG in a gel script, do you need to send a certification? If so how? Does it use the NSA settings?
The same questions apply when on a windows client.
Release : 15.9.3 On Premise
keytool -import -trustcacerts -alias mdecert -file C:\temp\mdeCert.cer -keystore cacerts
<Connector port="443" maxHttpHeaderSize="8192" address="192.168.1.1"
acceptCount="100" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLSv1, TLSv1.1, TLSv1.2"
Add the cipher here if it is missing
We can use "openssl s_client -connect ppm.server.com:443" to get the complete chain of certificates and validate if what certificates we imported are the right ones.
Note: If the issue started happening after Java upgrade, as workaround you can repoint Clarity to the previous Java install in properties.xml & restart the services.