Hitachi Vantara Pentaho Community Forums
Results 1 to 6 of 6

Thread: HTTPS Webservices

  1. #1

    Default HTTPS Webservices

    I have a question on WebserviceLookup Plugin.
    We are able to query and get data from http webservices.
    For https do we need to download the certificates and then try querying them.
    Some pointers will definitely help.
    -Thanks
    Yogesh

  2. #2
    Join Date
    Oct 2006
    Posts
    817

    Default

    There should be no extra steps in the case of a well-known (e.g. VeriSign) certificate signer. In the case of a self-signed certificate, you'll need to trust the signer.

  3. #3

    Default

    Hi,

    Is anybody have used web service lookup step over SSL.
    I am able to do lookup over HTTP.However it gives me certificate error when I used HTTPS.
    The error is obvious as we don't have any mechanism to add client certificate at web service lookup step.
    Please suggest me any work around/ solution for this.
    Thank you.

    Regards,
    Mir Kasim Ali

  4. #4

    Default HTTPS Webservices

    Quote Originally Posted by mlowery View Post
    There should be no extra steps in the case of a well-known (e.g. VeriSign) certificate signer. In the case of a self-signed certificate, you'll need to trust the signer.
    Could you please elaborate further on "how to trust the certificate signer".
    Is there any workaround available to access the self signed certificate (not trust source).
    or Do I need to modify the code of the web service lookup.
    I appreciate your help.
    Thank you.

  5. #5
    Join Date
    Oct 2006
    Posts
    817

    Default

    One way:

    Using Firefox, get the certificate of the server in PEM format:
    1. When you request an HTTPS URL, you'll be prompted with the dialog below. Click Add Exception...
    2. Allow the certificate to be fetched automatically or click Get Certificate. Now click Confirm Security Exception.
    3. Open Firefox Preferences. Click Advanced then click the Encryption tab. Click View Certificates.
    4. Select the certificate whose Certificate Name corresponds to the server with which you'd like to communicate. Click Export.
    5. Name the file x.pem and choose the file format of X.509 Certificate (PEM) (should be the default).

    Now trust the signer of the certificate:

    Code:
    sudo keytool -import -alias pentaho -file x.pem -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -keypass changeit

  6. #6

    Default

    Hey Thanks for your Valuable Inputs.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.