Using JasperServer plugin with HTTPS
[toc on_off::hide=1]
When you are trying to access a JasperServer on a secure connection through iReport plugin you will most likely see the following error:
This strange error just says that the certificate of the server has not been validated, or it is just untrusted.
How to deal with this? Here are the steps you would need to undertake in order to be able to access your secure JasperServer through iReport (note this instruction only applies to Java 5 or 6, not 7):
1. First unpack attached InstallCert.zip file and extract java class files into a tmp directory
2. Add the server certificate to a keystore using the java class with the following command line instruction:
java InstallCert [:port] [passphrase]
in example:
java InstallCert 172.17.5.239:8443
If the certificate is not trusted, you get some exception and then you are prompted to add this certificate to your keystore (a new keystore is created, it is a file called jssecacerts and the password (if not specified on the command line) is set to changeit
If you run this command again, you should get something like:
C:tmp>java InstallCert 172.17.5.239:8443
Loading KeyStore jssecacerts...
Opening connection to 172.17.5.239:8443...
Starting SSL handshake...
No errors, certificate is already trusted
Server sent 1 certificate(s):
1 Subject CN=ramnik kaur, OU=jaspersoft, O=jaspersoft, L=san francisco, ST=ca, C=us
Issuer CN=ramnik kaur, OU=jaspersoft, O=jaspersoft, L=san francisco, ST=ca, C=us
sha1 3a 84 6a 2b d9 71 8e d7 05 0b 97 42 6b ee 20 fa 89 1e b4 2a
md5 ac e6 fd e2 ae 64 d6 a7 26 79 c1 61 bd d3 f3 c1
Enter certificate to add to trusted keystore or 'q' to quit: [1]
3. Now we have to tell iReport how to use this cert store.
This can be done by editing the file /etc/ireport.conf and appending the java properties to force java to use our cert store:
....
# command line switches
default_options="--branding ireport -J-Xms256m -J-Xmx512m -J-Dorg.netbeans.ProxyClassLoader.level=1000 -J-Djavax.net.ssl.trustStore=c:tmpjssecacerts -L-Djavax.net.ssl.trustStorePassword=changeit"
# for development purposes you may wish to append: -J-Dnetbeans.logger.console=true -J-ea
.....
After these actions are taken iReport should be able to access your server.
NOTES
- On a Mac machine, the ireport.conf file is located at /Volumes/iReport-{version}/Jaspersoft iReport Designer.app/Contents/Resources/ireport/etc
- Also leave the TrustStore password blank when trying to make the connection.
see also: http://community.jaspersoft.com/wiki/using-ssl-certificate-jaspersoft-studio-55
Recommended Comments
There are no comments to display.