[midPoint] sms notification - https client certificate authentication

Jason Everling jeverling at bshp.edu
Thu Mar 14 16:52:50 CET 2019


Did you add it to java keystore or your midpoint keystore under
midpoint.home? Needs to be in that keystore under midpoint.home.

JASON


On Thu, Mar 14, 2019 at 10:50 AM Petr Herman <petr.herman at soc365.cz> wrote:

> Hello,
>
>
>
> yes, I’ve tried to add a client private key, client certificate (p12 file)
> and all related CAs to Java keystore.
>
>
>
> I’ve changed the name of the certificate KeyEntry to be the same as the
> HTTPS hostname, I’ve changed the password for the PrivateKeyEntry to be the
> same as keystore password, I’ve restarted Midpoint.
>
>
>
> # keytool -keystore keystore.jceks -storetype jceks -storepass changeit -list
>
> smsconnector.cz.o2.com, Mar 14, 2019, PrivateKeyEntry,
>
> thawte tls rsa ca g1, Mar 14, 2019, trustedCertEntry,
>
> default, Aug 17, 2018, SecretKeyEntry,
>
> et sms connector, Mar 14, 2019, trustedCertEntry,
>
> o2 sms connector, Mar 14, 2019, trustedCertEntry,
>
>
>
> There is still the same issue:
>
>
>
> 2019-03-14 15:53:48,434 [] [pool-6-thread-1] DEBUG
> (com.evolveum.midpoint.notifications.impl.api.transports.SimpleSmsTransport):
> Sending SMS to URL https://smsconnector.cz.o2.com/smsconnector/getpost/GP
> (method POST)
>
> 2019-03-14 15:53:48,434 [] [pool-6-thread-1] DEBUG
> (com.evolveum.midpoint.notifications.impl.api.transports.SimpleSmsTransport):
> Using request headers:
>
> [Content-Type: application/x-www-form-urlencoded]
>
> 2019-03-14 15:53:48,443 [] [pool-6-thread-1] DEBUG
> (com.evolveum.midpoint.notifications.impl.api.transports.SimpleSmsTransport):
> Using request body text (encoding: ISO-8859-1):
>
>
> action=send&baID=1991234&fromNumber=%2b420720001234&toNumber=%2b420604555666&text=Test+zprava
>
> 2019-03-14 15:53:48,663 [] [pool-6-thread-1] ERROR
> (com.evolveum.midpoint.notifications.impl.api.transports.SimpleSmsTransport):
> Couldn't send SMS to [+420604555666] via null, trying another gateway, if
> there is any, reason: Received fatal alert: *handshake_failure (class
> javax.net.ssl.SSLHandshakeException)*
>
> 2019-03-14 15:53:48,667 [] [pool-6-thread-1] DEBUG
> (com.evolveum.midpoint.notifications.impl.api.transports.SimpleSmsTransport):
> Couldn't send SMS to [+420604555666] via null, trying another gateway, if
> there is any.
>
> *javax.net.ssl.SSLHandshakeException: Received fatal alert:
> handshake_failure*
>
>         at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>
>         at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
>
>         at
> sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2020)
>
>         at
> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1127)
>
>         at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
>
> ...
>
>
>
>
>
> *Question is how to force Midpoint or Tomcat to use SSL client certificate
> from keystore during communication with particular HTTPS URL?*
>
>
>
> Thank you for any advice
>
>
>
> Best regards
>
> Petr Herman
>
>
>
>
>
>
>
> *From:* midPoint <midpoint-bounces at lists.evolveum.com> *On behalf of* Jason
> Everling
> *Sent:* Tuesday, March 12, 2019 9:10 PM
> *To:* midPoint General Discussion <midpoint at lists.evolveum.com>
> *Subject:* Re: [midPoint] sms notification - https client certificate
> authentication
>
>
>
> Have you tried adding the client certificate/key into your midpoint
> keystore then running an sms notification?
>
>
>
>
>
>
>
> On Tue, Mar 12, 2019 at 9:08 AM Petr Herman <petr.herman at soc365.cz> wrote:
>
> Hello everyone,
>
>
>
> the customer wants to integrate O2 SMS gateway using HTTP GET/POST, but
> SMS gateway is using HTTPS client certificate for authentication.
>
>
>
> Does Midpoint support this feature?
>
>
>
> Thank you in advance
>
> Best regards
>
>
>
> Petr Herman
>
> Visitech a.s.
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
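
Added example, not part of the thread and not midPoint code: a stand-alone Java check of the keystore state discussed above. It lists each PrivateKeyEntry in a JCEKS keystore, tests that the key opens with the store password, prints the chain's top issuer, and confirms a KeyManagerFactory can be built from the store. The class name ClientKeyCheck and the two command-line arguments are assumptions of this example.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;

// Added diagnostic example (hypothetical class name), not midPoint code.
// Usage: java ClientKeyCheck <path-to-keystore.jceks> <storepass>
public class ClientKeyCheck {
    public static void main(String[] args) throws Exception {
        char[] pass = args[1].toCharArray();
        KeyStore ks = KeyStore.getInstance("JCEKS");
        try (FileInputStream in = new FileInputStream(args[0])) {
            ks.load(in, pass);
        }
        int usable = 0;
        for (String alias : Collections.list(ks.aliases())) {
            // Only PrivateKeyEntry can act as a TLS client identity;
            // trustedCertEntry and SecretKeyEntry are skipped.
            if (!ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) continue;
            try {
                ks.getKey(alias, pass); // key password must equal the store password here
            } catch (UnrecoverableKeyException e) {
                System.out.println(alias + ": key password differs from store password");
                continue;
            }
            Certificate[] chain = ks.getCertificateChain(alias);
            X509Certificate leaf = (X509Certificate) chain[0];
            X509Certificate top = (X509Certificate) chain[chain.length - 1];
            leaf.checkValidity(); // throws if the certificate is expired or not yet valid
            System.out.printf("%s: subject=%s chainLength=%d topIssuer=%s%n",
                    alias, leaf.getSubjectX500Principal(),
                    chain.length, top.getIssuerX500Principal());
            usable++;
        }
        // A single password covers every key, so this fails if any key entry uses another one.
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, pass);
        System.out.println("usable client identities: " + usable
                + ", key managers: " + kmf.getKeyManagers().length);
    }
}
```

A passing check only shows that the keystore can supply a client identity. A JSSE client presents it only when its SSLContext was initialised with key managers built from that keystore, and the default key manager selects an alias by matching the chain's issuers against the CA names the server requests.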