I am facing one serious issue & need your assistance. I have configured
Open SSL certificate with my server (Tomcat 6.0) successfully. when i am
typing url to access Odk Aggregate then http://:/ successfully transfer to https://:/. Upto this its fine. After that when i am connecting Odk Collect
to aggregate instance in the server (for downloading forms), i am getting
one repetitive error,
"Form listing failed. Error: javax.net.ssl.SSLPeerUnverifiedException: No
peer certificate while accessing https://://formList"
The certificate i am using is self signed & not trusted. (As i am using
it for testing perpose)
i also had added that certificate into my android device's
Security/Trusted credentials section.
But still it showing the same error.
I want to know, Is Odk Collect only supports trusted group provided
certificates (As i don't have) or any further settings i need to do.
Can the browser on your phone/device log onto ODK Aggregate without
complaining about an untrusted certificate?
If it pops up any 'this certificate is not trusted' warning, this will
cause problems inside ODK Collect, as we requires a proper, strong, SSL
certificate chain.
You need to install both the SSL public key server certificate on the phone
as well as the public-key CA certificate that you signed that SSL
certificate with. Search the web for how to do that.
Once you have both installed, and can log onto ODK Aggregate without any
complaints in the browser, then ODK Collect should work.
Mitch
···
On Thu, Nov 14, 2013 at 6:05 AM, Debasis Patra wrote:
Hello friends,
I am facing one serious issue & need your assistance. I have configured
Open SSL certificate with my server (Tomcat 6.0) successfully. when i am
typing url to access Odk Aggregate then http://:/ successfully transfer to https://:/. Upto this its fine. After that when i am connecting Odk Collect
to aggregate instance in the server (for downloading forms), i am getting
one repetitive error,
"Form listing failed. Error: javax.net.ssl.SSLPeerUnverifiedException:
No peer certificate while accessing https://://formList"
The certificate i am using is self signed & not trusted. (As i am using
it for testing perpose)
i also had added that certificate into my android device's
Security/Trusted credentials section.
But still it showing the same error.
I want to know, Is Odk Collect only supports trusted group provided
certificates (As i don't have) or any further settings i need to do.
Yes, my phone browser successfully log onto ODK Aggregate without
complaining about an untrusted certificate. but ODK collect can't able to
connect to the server. In the process of creating certificate, i have done
these following steps,
Created keystore file first.
By using keystore file i had generated CSR file.
By using Open SSL software i had generate key file then certificate file.
This certificate i had configured in Tomcat server.(providing path to
server.xml file) & also install this certificate to android device. But
still getting the same error.
(Couldn't able to clarify difference betwn. SSL public key server
certificate and public-key CA certificate.)
Please suggest..
Debasis
···
On Thursday, November 14, 2013 7:35:28 PM UTC+5:30, Debasis Patra wrote:
>
> Hello friends,
>
> I am facing one serious issue & need your assistance. I have configured
> Open SSL certificate with my server (Tomcat 6.0) successfully. when i am
> typing url to access Odk Aggregate then http://:/ Instance> successfully transfer to https://:/ Instance>. Upto this its fine. After that when i am connecting Odk Collect
> to aggregate instance in the server (for downloading forms), i am getting
> one repetitive error,
>
> "Form listing failed. Error: javax.net.ssl.SSLPeerUnverifiedException:
> No peer certificate while accessing https://:/ Instance>/formList"
>
> - The certificate i am using is self signed & not trusted. (As i am using
> it for testing perpose)
> - i also had added that certificate into my android device's
> Security/Trusted credentials section.
>
> But still it showing the same error.
>
> I want to know, Is Odk Collect only supports trusted group provided
> certificates (As i don't have) or any further settings i need to do.
>
> Waiting for your response..
> Thanks in advance..
>
> Regards,
> Debasis
>
>
>
The issue is that your SSL certificate does not have a 'trusted root CA
certificate' registered on your phone. That would be the "CA certificate"
of the private key used to sign your SSL certificate. ODK Collect requires
that every SSL certificate be traceable back to a registered CA entity.
Mitch
···
On Thu, Nov 14, 2013 at 11:56 PM, Debasis Patra wrote:
Hello Mitch,
Yes, my phone browser successfully log onto ODK Aggregate without
complaining about an untrusted certificate. but ODK collect can't able to
connect to the server. In the process of creating certificate, i have done
these following steps,
Created keystore file first.
By using keystore file i had generated CSR file.
By using Open SSL software i had generate key file then certificate
file.
This certificate i had configured in Tomcat server.(providing path to
server.xml file) & also install this certificate to android device. But
still getting the same error.
(Couldn't able to clarify difference betwn. SSL public key server
certificate and public-key CA certificate.)
Please suggest..
Debasis
On Thursday, November 14, 2013 7:35:28 PM UTC+5:30, Debasis Patra wrote:
Hello friends,
I am facing one serious issue & need your assistance. I have configured
Open SSL certificate with my server (Tomcat 6.0) successfully. when i am
typing url to access Odk Aggregate then http://:/ successfully transfer to https://:/. Upto this its fine. After that when i am connecting Odk Collect
to aggregate instance in the server (for downloading forms), i am getting
one repetitive error,
"Form listing failed. Error: javax.net.ssl.SSLPeerUnverifiedException:
No peer certificate while accessing https://://formList"
The certificate i am using is self signed & not trusted. (As i am using
it for testing perpose)
i also had added that certificate into my android device's
Security/Trusted credentials section.
But still it showing the same error.
I want to know, Is Odk Collect only supports trusted group provided
certificates (As i don't have) or any further settings i need to do.
The issue is that your SSL certificate does not have a 'trusted root CA
certificate' registered on your phone. That would be the "CA certificate" of
the private key used to sign your SSL certificate. ODK Collect requires that
every SSL certificate be traceable back to a registered CA entity.
Yes, my phone browser successfully log onto ODK Aggregate without
complaining about an untrusted certificate. but ODK collect can't able to
connect to the server. In the process of creating certificate, i have done
these following steps,
Created keystore file first.
By using keystore file i had generated CSR file.
By using Open SSL software i had generate key file then certificate
file.
This certificate i had configured in Tomcat server.(providing path to
server.xml file) & also install this certificate to android device. But
still getting the same error.
(Couldn't able to clarify difference betwn. SSL public key server
certificate and public-key CA certificate.)
Please suggest..
Debasis
On Thursday, November 14, 2013 7:35:28 PM UTC+5:30, Debasis Patra wrote:
Hello friends,
I am facing one serious issue & need your assistance. I have configured
Open SSL certificate with my server (Tomcat 6.0) successfully. when i am
typing url to access Odk Aggregate then http://:/ successfully transfer to https://:/.
Upto this its fine. After that when i am connecting Odk Collect to aggregate
instance in the server (for downloading forms), i am getting one repetitive
error,
"Form listing failed. Error: javax.net.ssl.SSLPeerUnverifiedException:
No peer certificate while accessing https://://formList"
The certificate i am using is self signed & not trusted. (As i am using
it for testing perpose)
i also had added that certificate into my android device's
Security/Trusted credentials section.
But still it showing the same error.
I want to know, Is Odk Collect only supports trusted group provided
certificates (As i don't have) or any further settings i need to do.