Windows - Solving Alee CA cert issues

This applies to Windows - Enterprise server 3.7.0+

In highly secure environments where Aspera Enterprise server is operating behind firewalls and content filters, Alee (Aspera License Entitlement Engine) may not work due to CA cert issues. In logs you will see like the below

2018-04-23 09:57:10.990 [Grizzly(1)] WARN [SafeNetLicenseServer] SafeNet LicenseException while requesting features: com.aspera.safenet.cloudconnect.CloudConnectException: UNKNOWN [Unknown error] Client registration failed
2018-04-23 09:57:10.990 [Grizzly(1)] WARN [FeatureManager] Cannot retrieve license information: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target || CAUSING: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target || CAUSING: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target || CAUSING: com.aspera.safenet.cloudconnect.CloudConnectException: UNKNOWN [Unknown error] Client registration failed
2018-04-23 09:57:11.005 [Grizzly(1)] ERROR [ContainerResponse] Mapped exception to response: 503 (Service Unavailable)
javax.ws.rs.WebApplicationException: com.aspera.safenet.cloudconnect.CloudConnectException: UNKNOWN [Unknown error] Client registration failed
at controllers.ResponseHelper.error(ResponseHelper.java:131) ~[alee.jar:na]
at controllers.ResponseHelper.error(ResponseHelper.java:110) ~[alee.jar:na]
at controllers.FeatureManager.listAll(FeatureManager.java:80) ~[alee.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_65]
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_65]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_65]
at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.8.0_65]
at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60) ~[jersey-server.jar:1.17.1]
at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185) ~[jersey-server.jar:1.17.1]

in order to solve we need to import into Alee the right CA certs.

Stop Alee

Screen_Shot_2018-04-23_at_13.57.00.png

uninstall it

"C:\Program Files (x86)\Aspera\Enterprise Server\alee\bin\asperalee.bat" remove

edit the file "C:\Program Files (x86)\Aspera\Enterprise Server\alee\bin\asperalee.bat" adding the following at line 98

++JvmOptions=-Djavax.net.ssl.trustStore="%INSTALL_DIR%\bin\cakeystore"^
++JvmOptions=-Djavax.net.ssl.trustStorePassword="aspera"^

save the file and install the service 

"C:\Program Files (x86)\Aspera\Enterprise Server\alee\bin\asperalee.bat" install

Now copy the attached cakeystore to the following folder

c:\Program Files (x86)\Aspera\Enterprise Server\alee\bin\

Go to Services and start Alee and it should work

Screen_Shot_2018-04-23_at_13.59.07.png

 

 

 

Attachments

0 Comments

Please sign in to leave a comment.
Powered by Zendesk