Hitachi Vantara Pentaho Community Forums
Results 1 to 8 of 8

Thread: MD2withRSA is disabled error when running HTTP Client or REST Client steps

  1. #1

    Default MD2withRSA is disabled error when running HTTP Client or REST Client steps

    I am trying to reach https://commission-detail.api.cj.com...ate=2012-06-31
    and I have included the authorization header when running either HTTP Client or REST Client steps. I get the following error:

    sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: algorithm check failed: MD2withRSA is disabled

    The java version running on my computer is 1.6.0_32
    And I know that this REST API call is supposed to work because it works fine on Firefox when I try it using the Modify Headers add-on.

    Please help me fix this error in PDI.

    Thank you!

  2. #2
    Join Date
    Jun 2012
    Posts
    5,534

    Default

    You should ask the commission-detail.api.cj.com administrator
    (a) to drop that defunct MD2-signed certificate from the servers keystore and
    (b) to stop delivering a root certificate with the trust chain, anyway.
    So long, and thanks for all the fish.

  3. #3

    Default

    If it is a problem with commission junction's system, then why does it still run okay on Firefox with the Modify Headers Add-on?

  4. #4
    Join Date
    Jun 2012
    Posts
    5,534

    Default

    Firefox may be wise enough to not accept the root certificate sent with the trust chain.
    Fact is, I get an outdated MD2-signed root certificate from the server:

    Certificate:
    Data:
    Version: 1 (0x0)
    Serial Number:
    70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
    Signature Algorithm: md2WithRSAEncryption
    Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
    Don't take my word for it, check out for yourself.
    So long, and thanks for all the fish.

  5. #5

    Default

    Is there any way for it to work in PDI?

  6. #6
    Join Date
    Jun 2012
    Posts
    5,534

    Default

    Glad you asked.

    You can reimplement the relevant steps so that they happily work with a badly managed server.

    Or you try to wake up the administrator of the server.
    MD2 was disabled from Java 1.6.0-17 in 2009, after all.
    So long, and thanks for all the fish.

  7. #7

    Default

    I have learned of the answer. The java installed with my pdi is old, so I had to set the PENTAHO_JAVA_HOME variable to point to the java version currently running on my Windows. Here's how: http://infocenter.pentaho.com/help/i...e_windows.html
    Now my REST Client and HTTP Client steps run without error.

  8. #8
    Join Date
    Jun 2012
    Posts
    5,534

    Default

    Oo, this needs further investigation ...
    So long, and thanks for all the fish.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.