Modify

Opened 7 years ago

Last modified 3 years ago

#16123 new task

External Imagery/Styles/Presets/Plugins/Rules https

Reported by: stoecker Owned by: team
Priority: normal Milestone: Longterm
Component: External imagery source Version:
Keywords: https Cc: Klumbumbus, Don-vip

Description (last modified by stoecker)

This ticket is for tracking progress of http → https switch for external data. For list of ignores see IntegrationTestIgnores page.

Recent state: (91 answer on port 443 and 61 [not in this list] don't answer on port 443)

  • actmapi.act.gov.au [Error hostname verification failed] :MAP:ACTmapi Imagery Feb 2019 # MAP:ACTmapi Imagery June 2019
  • cellavadasz.openstreetmap.hu [Error SSL connect attempt failed error:1408F10B:SSL routines:ssl3_get_record:wrong version number] :STYLE:cellid.mapcss # STYLE:measurements.mapcss # STYLE:signal-size.mapcss
  • center-obuv.ru [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:russian_shops.xml
  • cu.bgfretail.com [200 OK]: PRESET:Preset.zip
  • dados.gov.br [Error hostname verification failed] :MAP:IBGE-BC250 Highways stretchesIBGE-BC250-Trecho Rodoviario # MAP:IBGE-BC250 Indigenous LandsIBGE-BC250-Terra Indigena # MAP:IBGE-BC250 Isolated Rural LocationIBGE-BC250-Aglomerado Rural Isolado # MAP:IBGE-BC250 Landing stripIBGE-BC250-Pista de Pouso # MAP:IBGE-BC250 River drainsIBGE-BC250-Rios Drenagem # MAP:IBGE-BC250 Units of Sustainable Use - APAIBGE-BC250-Unidade de Uso Sistentável - APA # MAP:IBGE-BC250 VillagesIBGE-BC250-Villa # MAP:IBGE-BCIM MunicipalitiesIBGE-BCIM-Município # MAP:IBGE-BCIM Stations for Electrical Power GenerationIBGE-BCIM-Estações Geradora de Energia Elétrica
  • data.virginia.gov [Error hostname verification failed] :MAP:Virginia Building Footprints # MAP:Virginia Imagery Service - Most Recent # MAP:Virginia Property Lines
  • data.vorarlberg.gv.at [Error hostname verification failed] :MAP:VoGIS: Echtfarbenbild 2018 (10cm) # MAP:VoGIS: Flächenwidmungsplan # MAP:VoGIS: Höhen und Gelände # MAP:VoGIS: Luftbilder
  • datos.minem.gob.ar [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:Ministry of Energy and Mining (WMS)Ministerio de Energía y Minería (WMS)
  • docs.inasafe.org [521 Origin Down]: PRESET:mrtngrsbch_Preset-GLAM-JOSM.zip
  • dunkindonutsmoscow.ru [Error SSL connect attempt failed error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure] :PRESET:russian_shops.xml
  • e-odgik.chorzow.eu [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:Chorzów: Buildings
  • e.tile.openstreetmap.hu [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:Danube flood orthophoto 2013Dunai árvízi ortofotó 2013 # MAP:EUFAR Balaton orthophotos # MAP:FÖMI orthophoto 2000FÖMI ortofotó 2000 # MAP:FÖMI orthophoto 2005FÖMI ortofotó 2005 # MAP:Szeged orthophoto 2011Szeged ortofotó 2011
  • emapa.katowice.eu [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:Katowice: Orthophotomap (aerial image)
  • fototerkep.hu [Error hostname verification failed] :MAP:Danube flood orthophoto 2013Dunai árvízi ortofotó 2013 # MAP:Sóskút, Pusztazámor, Tárnok, Diósd orthophoto 2017Sóskút, Pusztazámor, Tárnok, Diósd ortofotó 2017
  • geolittoral.din.developpement-durable.gouv.fr [Error Connection reset by peer] :MAP:Géolittoral - Orthophotos 2000 # MAP:Géolittoral - Sentiers # MAP:Géolittoral V2 - Orthophotos 2011-2014
  • glowsubs.ru [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:russian_shops.xml
  • gs25.gsretail.com [302 Found]: PRESET:Preset.zip
  • hochicken.co.kr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • ilpatio.ru [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:russian_shops.xml
  • jangmonim.co.kr [Error hostname verification failed] :PRESET:Preset.zip
  • josm.openstreetmap.de [200 Ok]: PLUGIN:comfort0.jar
  • kolbasa.ru [200 OK]: PRESET:russian_shops.xml
  • kolesar.turistautak.hu [Error SSL connect attempt failed error:1408F10B:SSL routines:ssl3_get_record:wrong version number] :STYLE:cellid.mapcss # STYLE:measurements.mapcss # STYLE:signal-size.mapcss
  • line.me [302 Found]: PRESET:russian_shops.xml
  • maps.stamen.com [Error hostname verification failed] :MAP:Stamen Terrain
  • mil.ru [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:russian_shops.xml
  • msip-mapa.um.gliwice.pl [Error hostname verification failed] :MAP:Gliwice: Buildings # MAP:Gliwice: Orthophotomap 2013 (aerial image)
  • odp.capetown.gov.za [Error hostname verification failed] :MAP:City of Cape Town 2017 Aerial # MAP:City of Cape Town 2018 Aerial
  • opendata.grandnancy.eu [403 Forbidden]: MAP:Nancy - Orthophoto # MAP:Nancy - Orthophoto - 1994 # MAP:Nancy - Orthophoto - 1999 # MAP:Nancy - Orthophoto - 2001 # MAP:Nancy - Orthophoto - 2002 # MAP:Nancy - Orthophoto - 2005 # MAP:Nancy - Orthophoto - 2008 # MAP:Nancy - Orthophoto - 2012 # MAP:Nancy - Orthophoto - 2016
  • openstreetmap.tw [301 Moved Permanently]: PRESET:TaiwanOnly.xml
  • orto.wms.itacyl.es [Error hostname verification failed] :MAP:ITACyL - Castile and León
  • osm-icons.org [Error SSL connect attempt failed error:1408F10B:SSL routines:ssl3_get_record:wrong version number] :PRESET:mrtngrsbch_Preset-GLAM-JOSM.zip
  • osm.flossk.org [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:Kosovo AKK roads # MAP:Kosovo AKK roads with a name that is missing in OSM
  • overpass-turbo.eu [200 OK]: RULE:Rules_Brazilian-Specific.validator.mapcss
  • parking.mos.ru [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:russian_shops.xml
  • pncg.co.kr [200 OK]: PRESET:Preset.zip
  • przemas75.github.io [404 Not Found]: PRESET:Presets_access_PL-preset.xml
  • raw.githubusercontent.com [301 Moved Permanently]: STYLE:INT1_Seamark.mapcss
  • speed-control.by [Error hostname verification failed] :WIKIPRESET:Presets_speed_camera_in_Belarus-preset.zip
  • tms.bordeaux.inria.fr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:Bordeaux - 2016
  • trac.openstreetmap.org [200 Ok]: STYLE:mapnik.zip
  • ttobongee.com [Error hostname verification failed] :PRESET:Preset.zip
  • wiki.openstreetmap.org [301 Moved Permanently]: PLUGIN:Tracer-testing.jar # PLUGIN:contourmerge.jar # PLUGIN:fieldpapers.jar # PLUGIN:mbtiles.jar # STYLE:CEVNI_MapCSS.mapcss # STYLE:electrified.zip
  • wms.openstreetmap.hu [Error SSL connect attempt failed error:1408F10B:SSL routines:ssl3_get_record:wrong version number] :MAP:Sóskút, Pusztazámor, Tárnok, Diósd orthophoto 2017Sóskút, Pusztazámor, Tárnok, Diósd ortofotó 2017 # MAP:openstreetmap.hu orthophotosopenstreetmap.hu ortofotók
  • wms1.geopoz.poznan.pl [Error No route to host] :MAP:Poznań: Orthophotomap 2014 (aerial image) # MAP:Poznań: Orthophotomap 2016 (aerial image)
  • www.9922.co.kr [Error hostname verification failed] :PRESET:Preset.zip
  • www.ajuker.co.kr [Error hostname verification failed] :PRESET:Preset.zip
  • www.bonjuk.co.kr [Error hostname verification failed] :PRESET:Preset.zip
  • www.burgerking.co.kr [200 OK]: PRESET:Preset.zip
  • www.caffe-pascucci.co.kr [302 Object moved]: PRESET:Preset.zip
  • www.central-ppk.ru [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:russian_shops.xml
  • www.cheogajip.co.kr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.cknia.com [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.codgik.gov.pl [Error SSL connect attempt failed] :MAP:Geoportal 2: PRNG (geo names)
  • www.coffeebeankorea.com [301 Moved Permanently]: PRESET:Preset.zip
  • www.dgterritorio.pt [Error SSL connect attempt failed] :MAP:Carta de Uso do Solo 2010 (WMS) # MAP:Carta de Uso do Solo 2015 (WMS) # MAP:Ortofotos DGRF 2004-2006 (WMS) # MAP:Ortofotos DGT 2018 (WMTS) # MAP:Ortofotos Litoral DGT 2014-2015 (WMS)
  • www.e1.co.kr [302 Found]: PRESET:Preset.zip
  • www.ftf.bfkh.gov.hu [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:FÖMI orthophoto 2000FÖMI ortofotó 2000 # MAP:FÖMI orthophoto 2005FÖMI ortofotó 2005
  • www.gamtan.co.kr [Error hostname verification failed] :PRESET:Preset.zip
  • www.gangjung.com [200 OK]: PRESET:Preset.zip
  • www.gcova.co.kr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.geoimage.at [Error hostname verification failed] :MAP:Geoimage.at MaxRes
  • www.geolittoral.developpement-durable.gouv.fr [Error Connection reset by peer] :MAP:Géolittoral - Orthophotos 2000 # MAP:Géolittoral - Sentiers # MAP:Géolittoral V2 - Orthophotos 2011-2014
  • www.gisnet.lv [Error No route to host] :MAP:USSR - Latvia
  • www.gscaltex.com [302 Found]: PRESET:Preset.zip
  • www.innisfree.co.kr [Error hostname verification failed] :PRESET:Preset.zip
  • www.istarbucks.co.kr [200 OK]: PRESET:Preset.zip
  • www.jawsfood.co.kr [Error hostname verification failed] :PRESET:Preset.zip
  • www.jukstory.com [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.kfckorea.com [200 OK]: PRESET:Preset.zip
  • www.kruzhka.ru [301 Moved Permanently]: PRESET:russian_shops.xml
  • www.kyochon.com [200 OK]: PRESET:Preset.zip
  • www.limschicken.co.kr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.mcdonalds.co.kr [200 ]: PRESET:Preset.zip
  • www.mexican.co.kr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.monetka.ru [200 OK]: PRESET:russian_shops.xml
  • www.mosgortrans.ru [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:russian_shops.xml
  • www.moskorea.kr [Error hostname verification failed] :PRESET:Preset.zip
  • www.mythunder.co.kr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.officedepot.co.kr [302 ]: PRESET:Preset.zip
  • www.oliveyoung.co.kr [200 OK]: PRESET:Preset.zip
  • www.openstreetmap.org.pl [Error hostname verification failed] :PLUGIN:kendzi3d.jar
  • www.popeyes.co.kr [Error SSL connect attempt failed] :PRESET:Preset.zip
  • www.raphael-mack.de [Error hostname verification failed] :PLUGIN:globalsat.jar
  • www.s-oil.com [301 Moved Permanently]: PRESET:Preset.zip
  • www.seduh.df.gov.br [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :MAP:GeoPortal DF 2015 # MAP:GeoPortal DF 2016 # MAP:GeoPortal DF 2017
  • www.sinjeon.co.kr [Error SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed] :PRESET:Preset.zip
  • www.sjjb.co.uk [200 OK]: PRESET:mrtngrsbch_Preset-GLAM-JOSM.zip
  • www.speed-control.by [Error hostname verification failed] :WIKIPRESET:Presets_speed_camera_in_Belarus-preset.zip
  • www.starbucks.ru [200 OK]: PRESET:russian_shops.xml
  • www.theskinfood.com [302 Found]: PRESET:Preset.zip

Attachments (0)

Change History (109)

comment:1 by stoecker, 7 years ago

See #16009 for previous JOSM https ticket.

comment:2 by Don-vip, 7 years ago

Keywords: https added

comment:3 by Klumbumbus, 7 years ago

Description: modified (diff)

(typo fixed)

comment:4 by stoecker, 7 years ago

In 13555/josm:

see #16123 - add HTTPS test script

comment:5 by stoecker, 7 years ago

Description: modified (diff)

I added the test script output. The "200 OK" entries probably can simply be converted to HTTPS. The others in most cases need to be fixed. We should contact at least these cases, which are from OSM community. Not included are all, which don't answer on port 443.

comment:6 by stoecker, 7 years ago

Description: modified (diff)

Fixed Hillshade Hungary

comment:7 by stoecker, 7 years ago

In 13556/josm:

see #16123 - extend HTTPS test script to plugin/style/rule/preset

comment:8 by stoecker, 7 years ago

Description: modified (diff)
Summary: External Imagery httpsExternal Imagery/Styles/Presets/Plugins/Rules https

comment:9 by stoecker, 7 years ago

Description: modified (diff)

Autofixed many JOSM wiki entries.

comment:10 by stoecker, 7 years ago

Description: modified (diff)

Fixed parser script, so it does not include xml namespace in output files.

comment:12 by Klumbumbus, 7 years ago

all http://wiki.openstreetmap.org links in the wiki were fixed to https or osmwiki: on english and german pages. (Other languages left, see the link)

Last edited 7 years ago by Klumbumbus (previous) (diff)

comment:13 by stoecker, 7 years ago

Description: modified (diff)

Fixed wiki.openstreetmap.org and josm.openstreetmap.org for all plugins referenced from SVN, no new releases yet.

comment:14 by marc_marc, 7 years ago

the test need to be extended.
for exemple tms.cadastre.openstreetmap.fr listed with a status 200
https://tms.cadastre.openstreetmap.fr/*/tout/22/2124425/1442952.png is ok
but https://tms.cadastre.openstreetmap.fr/*/tout/22/2124425/1442952.png give a 404
maybe it's needed to test that a reply is ok for a tile or for the real url to avoir url with https support but with no (or not the same) content in https

in reply to:  14 comment:15 by stoecker, 7 years ago

Description: modified (diff)

Replying to marc_marc:

the test need to be extended.
for exemple tms.cadastre.openstreetmap.fr listed with a status 200
https://tms.cadastre.openstreetmap.fr/*/tout/22/2124425/1442952.png is ok
but https://tms.cadastre.openstreetmap.fr/*/tout/22/2124425/1442952.png give a 404
maybe it's needed to test that a reply is ok for a tile or for the real url to avoir url with https support but with no (or not the same) content in https

I said that, the "200 OK" entries probably can simply be converted to HTTPS. We always use the preview feature of the wiki to test if the target imagery really works. It is hard to design an full automatics for this (it will be hard enough to design a live checker for existing entries). When changing a Maps entry and clicking on preview you can preview the changed state and thus verify a change before submission of the changed wiki page.

comment:16 by stoecker, 7 years ago

Description: modified (diff)

Update

comment:17 by stoecker, 7 years ago

Description: modified (diff)

Updated plugins

comment:18 by stoecker, 7 years ago

Description: modified (diff)

comment:19 by stoecker, 7 years ago

Description: modified (diff)

comment:20 by stoecker, 7 years ago

Description: modified (diff)

comment:21 by stoecker, 7 years ago

Description: modified (diff)

comment:22 by Klumbumbus, 7 years ago

Description: modified (diff)

comment:23 by stoecker, 7 years ago

Description: modified (diff)

idecan1.grafcan.es Fixed.

comment:24 by stoecker, 7 years ago

Description: modified (diff)

OpenNauticalMap wiki link fixed.

comment:25 by stoecker, 7 years ago

Description: modified (diff)

comment:26 by stoecker, 7 years ago

Description: modified (diff)

comment:27 by stoecker, 7 years ago

Description: modified (diff)

comment:28 by Klumbumbus, 7 years ago

Description: modified (diff)

comment:29 by stoecker, 7 years ago

Description: modified (diff)

Add info about #14241.

comment:30 by Klumbumbus, 7 years ago

Description: modified (diff)

comment:31 by stoecker, 7 years ago

@Vincent: Can you issue a re-release of the already changed Git-based plugins?

comment:32 by stoecker, 7 years ago

Description: modified (diff)

Current state:

removed

Last edited 6 years ago by stoecker (previous) (diff)

comment:33 by stoecker, 7 years ago

In 13585/josm:

see #16123 - add domain ignore list to output

comment:34 by stoecker, 7 years ago

Fixed www.orthos.dhses.ny.gov (dropped www. prefix)

comment:35 by stoecker, 7 years ago

Description: modified (diff)

comment:36 by stoecker, 7 years ago

Milestone: 18.07

Fix gis.lebensministerium.at by changing url to gis.bmlfuw.gv.at which is proper domain for the HTTPS server at that address.

comment:37 by Klumbumbus, 7 years ago

regarding this change https://hikebikemap.org/ is not fully working in https

comment:38 by Klumbumbus, 7 years ago

and this: https://siglon.londrina.pr.gov.br/ redirects to a http site. Does the link in https make sense in this case?

comment:39 by stoecker, 7 years ago

regarding this change ​https://hikebikemap.org/ is not fully working in https

Hmm. Worked in my older firefox. Seems the newer ones are stricter with mixed content or they are still playing with it? At least the icon works fine ;-)

and this: ​https://siglon.londrina.pr.gov.br/ redirects to a http site. Does the link in https make sense in this case?

It didn't do that a few days ago. They only had that Java-only certificate issue at that time as far as I remember. They are counteracting our efforts! :-)

Wait a bit or revert both?

Last edited 7 years ago by stoecker (previous) (diff)

in reply to:  39 ; comment:40 by Klumbumbus, 7 years ago

Replying to stoecker:

regarding this change ​https://hikebikemap.org/ is not fully working in https

Hmm. Worked in my older firefox. Seems the newer ones are stricter with mixed content or they are still playing with it? At least the icon works fine ;-)

It doesn't work for me with FF, FF ESR, Opera and IE. So I think it is rather a problem of the website itself.

Wait a bit or revert both?

I don't know. I wanted to clean up ImageryCompare, but these two made problems. Did you have contact with the guys from hike and bike map (because of your comment "extremely new https from today")?

in reply to:  40 ; comment:41 by stoecker, 7 years ago

Replying to Klumbumbus:

Replying to stoecker:

regarding this change ​https://hikebikemap.org/ is not fully working in https

Hmm. Worked in my older firefox. Seems the newer ones are stricter with mixed content or they are still playing with it? At least the icon works fine ;-)

It doesn't work for me with FF, FF ESR, Opera and IE. So I think it is rather a problem of the website itself.

I can test tomorrow with my old Firefox. Yes, its a website issue, but probably together with browser security settings which got stricter with each release.

Wait a bit or revert both?

I don't know. I wanted to clean up ImageryCompare, but these two made problems. Did you have contact with the guys from hike and bike map (because of your comment "extremely new https from today")?

No. It was only that I saw the new entry comming up when running the HTTPS test script ;-)

in reply to:  41 comment:42 by stoecker, 7 years ago

Description: modified (diff)

I can test tomorrow with my old Firefox. Yes, its a website issue, but probably together with browser security settings which got stricter with each release.

Does not work here as well. Reverted.

comment:43 by stoecker, 7 years ago

Description: modified (diff)

Recent state:

removed

Last edited 6 years ago by stoecker (previous) (diff)

comment:44 by stoecker, 7 years ago

Description: modified (diff)

Simple3dBuildingsPreset: fixed links to wiki, josm and w3.org

comment:45 by stoecker, 7 years ago

Fixed www.stadtentwicklung.berlin.de, www.lantmateriet.se and www.lanmateriet.se (Typo)

comment:46 by stoecker, 6 years ago

Description: modified (diff)

Fixed some new entries.

comment:47 by Don-vip, 6 years ago

Milestone: 18.0718.08

comment:48 by Don-vip, 6 years ago

Milestone: 18.0818.09

comment:49 by stoecker, 6 years ago

Description: modified (diff)

Current state, not much progress I fear:

@Klumbumbus: You added https to hikebikemap, but the issue still remains - HTTPS version does not work. I'll try to contact Colin.

removed

Last edited 6 years ago by stoecker (previous) (diff)

comment:50 by stoecker, 6 years ago

Description: modified (diff)

comment:51 by stoecker, 6 years ago

Can someone find out what the correct name for HTTPS for ....tile.openstreetmap.us would be?

in reply to:  49 ; comment:54 by Klumbumbus, 6 years ago

Replying to stoecker:

@Klumbumbus: You added https to hikebikemap, but the issue still remains - HTTPS version does not work. I'll try to contact Colin.

Hm, I changed it as the page now automatically redirects to https.

in reply to:  54 comment:55 by stoecker, 6 years ago

Replying to Klumbumbus:

Replying to stoecker:

@Klumbumbus: You added https to hikebikemap, but the issue still remains - HTTPS version does not work. I'll try to contact Colin.

Hm, I changed it as the page now automatically redirects to https.

Not for me. Browser setting/plugin?

comment:56 by Klumbumbus, 6 years ago

None that I'm aware of.

comment:57 by Don-vip, 6 years ago

Milestone: 18.0918.10

comment:58 by Don-vip, 6 years ago

Milestone: 18.1018.11

comment:59 by stoecker, 6 years ago

Description: modified (diff)
Milestone: 18.1118.12

Some solved.

comment:60 by stoecker, 6 years ago

In 14443/josm:

see #16123 - some HTTPS issues solved

comment:61 by stoecker, 6 years ago

Description: modified (diff)

comment:62 by stoecker, 6 years ago

In 14444/josm:

see #16123 - not fixed, only network error

comment:63 by Don-vip, 6 years ago

Milestone: 18.1219.01

comment:64 by stoecker, 6 years ago

Description: modified (diff)

Switzerland fixed...

comment:65 by stoecker, 6 years ago

Description: modified (diff)

comment:66 by stoecker, 6 years ago

In 14619/josm:

see #16123 - add logfile output, drop old ignores

comment:67 by stoecker, 6 years ago

In 14620/josm:

see #16123 - don't append logfile output

comment:68 by stoecker, 6 years ago

Many entries fixed: timeline

NOTE: Not only [200 OK], but also [302 Found] and [301 Moved Permanently] indicate working servers.

Last edited 6 years ago by stoecker (previous) (diff)

comment:69 by stoecker, 6 years ago

Remaining:

  • www.data.rio works, but has non-HTTPS links inside
  • osmtools.de: steps preset: contacted author

Current state:

removed

Last edited 6 years ago by stoecker (previous) (diff)

comment:70 by stoecker, 6 years ago

Contacted openstreetmap.hu by mail and asked to support HTTPS.

comment:71 by stoecker, 6 years ago

In 14626/josm:

see #16123 - support complete style/rule/preset scan using josm server cronjob output

comment:72 by stoecker, 6 years ago

Current state with deep-file checks:

removed

Last edited 6 years ago by stoecker (previous) (diff)

comment:74 by stoecker, 6 years ago

FreieTonne: Mail sent

comment:75 by stoecker, 6 years ago

  • tms.freemap.sk: Mail sent
  • www.openstreetmup.hu updated, tiles services not (yet?)

comment:76 by sarxos, 6 years ago

@stoecker,

Pls revert https back to http in Maps/Poland. Users are unable to use Geoportal links with https due to PKIX exception from JOSM because cert used by Geoportal is not supported.

Your changeset:

https://josm.openstreetmap.de/wiki/Maps/Poland?sfp_email=&sfph_mail=&action=diff&version=127&old_version=126&sfp_email=&sfph_mail=

comment:77 by sarxos, 6 years ago

@stoecker,

I did the change on my own. Take care! https://josm.openstreetmap.de/wiki/Maps/Poland?action=diff&version=129

comment:78 by stoecker, 6 years ago

@sarxos:

Please explain why https does not work. What is the error message exactly, what OS do you use, ...?

According to this check the certificates are correct and also valid for Java use and also our integration test showed no issue:
https://www.ssllabs.com/ssltest/analyze.html?d=mapy.geoportal.gov.pl&latest

comment:79 by Don-vip, 6 years ago

"DigiCert Global Root G2" has always been included in Oracle JDK as far as I remember but not in openjdk where it has only be added in 10: http://openjdk.java.net/jeps/319. So we may have some openjdk packages on Linux distributions that don't include it?

in reply to:  79 comment:80 by stoecker, 6 years ago

Replying to Don-vip:

So we may have some openjdk packages on Linux distributions that don't include it?

I thought that on Linux the system certs are used...

comment:81 by sarxos, 6 years ago

I'm on Ubuntu 14.04 with Oracle Java 1.8.0_51-b16 with JOSM installed from https://josm.openstreetmap.de/apt trusty universe.

$ java -version
java version "1.8.0_51"
Java(TM) SE Runtime Environment (build 1.8.0_51-b16)
Java HotSpot(TM) 64-Bit Server VM (build 25.51-b03, mixed mode)
$ apt-cache policy | grep josm
 500 https://josm.openstreetmap.de/apt/ trusty/universe i386 Packages
     origin josm.openstreetmap.de
 500 https://josm.openstreetmap.de/apt/ trusty/universe amd64 Packages
     origin josm.openstreetmap.de

Log from JOSM when accessing Geoportal via SSL:

$ josm 
Using /usr/bin/java to execute josm.
2019-01-08 15:50:36.066 INFO: Log level is at INFO (INFO, 800)
2019-01-08 15:50:37.865 INFO: Invalid plugin description '${plugin.description}' in plugin config
2019-01-08 15:50:38.145 WARNING: Update plugins - org.openstreetmap.josm.plugins.PluginHandler$UpdatePluginsMessagePanel[,0,0,0x0,invalid,layout=java.awt.GridBagLayout,alignmentX=0.0,alignmentY=0.0,border=,flags=9,maximumSize=,minimumSize=,preferredSize=]
2019-01-08 15:50:42.565 INFO: GET https://josm.openstreetmap.de/wiki/StartupPage -> 200
2019-01-08 15:50:43.503 INFO: GET https://josm.openstreetmap.de/maps?ids=Bing%2CDigitalGlobe-Premium%2CDigitalGlobe-Standard%2CEsriWorldImagery%2CEsriWorldImageryClarity%2CMapbox%2Cosm-mapnik-black_and_white%2Cstandard -> 200
2019-01-08 15:50:46.233 INFO: loading plugin 'buildings_tools' (version 34807)
2019-01-08 15:50:46.423 WARNING: No configuration settings found.  Using hardcoded default values for all pools.
2019-01-08 15:50:46.776 INFO: Changeset updater active (checks every 60 minutes if open changesets have been closed)
2019-01-08 15:50:50.324 INFO: Defaults for draw.rawgps.layer.wpt.pattern differ: ?{ '{name} ({desc})' | '{name} ({cmt})' | '{name}' | '{desc}' | '{cmt}' } != 
2019-01-08 15:50:50.326 INFO: Defaults for draw.rawgps.layer.audiowpt.pattern differ: ?{ '{name}' | '{desc}' | '{formattedWaypointOffset}' } != 
2019-01-08 15:51:00.247 INFO: GET https://mapy.geoportal.gov.pl/wss/service/WMTS/guest/wmts/ORTO?SERVICE=WMTS&REQUEST=GetCapabilities -> !!!
2019-01-08 15:51:00.249 WARNING: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1497)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:153)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:99)
	at org.openstreetmap.josm.io.CachedFile.checkLocal(CachedFile.java:501)
	at org.openstreetmap.josm.io.CachedFile.getFile(CachedFile.java:282)
	at org.openstreetmap.josm.io.CachedFile.getInputStream(CachedFile.java:224)
	at org.openstreetmap.josm.data.imagery.WMTSTileSource.getCapabilities(WMTSTileSource.java:414)
	at org.openstreetmap.josm.data.imagery.WMTSTileSource.<init>(WMTSTileSource.java:328)
	at org.openstreetmap.josm.gui.layer.WMTSLayer.getTileSource(WMTSLayer.java:62)
	at org.openstreetmap.josm.gui.layer.WMTSLayer.getTileSource(WMTSLayer.java:32)
	at org.openstreetmap.josm.gui.layer.AbstractTileSourceLayer.initializeIfRequired(AbstractTileSourceLayer.java:570)
	at org.openstreetmap.josm.gui.layer.AbstractTileSourceLayer.attachToMapView(AbstractTileSourceLayer.java:552)
	at org.openstreetmap.josm.gui.MapView.layerAdded(MapView.java:346)
	at org.openstreetmap.josm.gui.layer.LayerManager.fireLayerAdded(LayerManager.java:459)
	at org.openstreetmap.josm.gui.layer.LayerManager.realAddLayer(LayerManager.java:234)
	at org.openstreetmap.josm.gui.layer.MainLayerManager.realAddLayer(MainLayerManager.java:282)
	at org.openstreetmap.josm.gui.layer.LayerManager.lambda$addLayer$0(LayerManager.java:218)
	at org.openstreetmap.josm.gui.layer.LayerManager$$Lambda$343/1386466327.run(Unknown Source)
	at org.openstreetmap.josm.gui.util.GuiHelper.runInEDTAndWaitWithException(GuiHelper.java:238)
	at org.openstreetmap.josm.gui.layer.LayerManager.addLayer(LayerManager.java:218)
	at org.openstreetmap.josm.gui.layer.LayerManager.addLayer(LayerManager.java:207)
	at org.openstreetmap.josm.actions.AddImageryLayerAction.actionPerformed(AddImageryLayerAction.java:151)
	at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022)
	at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2346)
	at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402)
	at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
	at javax.swing.AbstractButton.doClick(AbstractButton.java:376)
	at javax.swing.plaf.basic.BasicMenuItemUI.doClick(BasicMenuItemUI.java:833)
	at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(BasicMenuItemUI.java:877)
	at java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:289)
	at java.awt.Component.processMouseEvent(Component.java:6525)
	at javax.swing.JComponent.processMouseEvent(JComponent.java:3324)
	at java.awt.Component.processEvent(Component.java:6290)
	at java.awt.Container.processEvent(Container.java:2234)
	at java.awt.Component.dispatchEventImpl(Component.java:4881)
	at java.awt.Container.dispatchEventImpl(Container.java:2292)
	at java.awt.Component.dispatchEvent(Component.java:4703)
	at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4898)
	at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4533)
	at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4462)
	at java.awt.Container.dispatchEventImpl(Container.java:2278)
	at java.awt.Window.dispatchEventImpl(Window.java:2750)
	at java.awt.Component.dispatchEvent(Component.java:4703)
	at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758)
	at java.awt.EventQueue.access$500(EventQueue.java:97)
	at java.awt.EventQueue$3.run(EventQueue.java:709)
	at java.awt.EventQueue$3.run(EventQueue.java:703)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:86)
	at java.awt.EventQueue$4.run(EventQueue.java:731)
	at java.awt.EventQueue$4.run(EventQueue.java:729)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
	at java.awt.EventQueue.dispatchEvent(EventQueue.java:728)
	at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201)
	at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
	at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
	at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
	at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
	at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1479)
	... 70 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
	... 76 more

2019-01-08 15:51:00.351 WARNING: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1497)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:153)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:99)
	at org.openstreetmap.josm.io.CachedFile.checkLocal(CachedFile.java:501)
	at org.openstreetmap.josm.io.CachedFile.getFile(CachedFile.java:282)
	at org.openstreetmap.josm.io.CachedFile.getInputStream(CachedFile.java:224)
	at org.openstreetmap.josm.data.imagery.WMTSTileSource.getCapabilities(WMTSTileSource.java:414)
	at org.openstreetmap.josm.data.imagery.WMTSTileSource.<init>(WMTSTileSource.java:328)
	at org.openstreetmap.josm.gui.layer.WMTSLayer.getTileSource(WMTSLayer.java:62)
	at org.openstreetmap.josm.gui.layer.WMTSLayer.getTileSource(WMTSLayer.java:32)
	at org.openstreetmap.josm.gui.layer.AbstractTileSourceLayer.initializeIfRequired(AbstractTileSourceLayer.java:570)
	at org.openstreetmap.josm.gui.layer.AbstractTileSourceLayer.attachToMapView(AbstractTileSourceLayer.java:552)
	at org.openstreetmap.josm.gui.MapView.layerAdded(MapView.java:346)
	at org.openstreetmap.josm.gui.layer.LayerManager.fireLayerAdded(LayerManager.java:459)
	at org.openstreetmap.josm.gui.layer.LayerManager.realAddLayer(LayerManager.java:234)
	at org.openstreetmap.josm.gui.layer.MainLayerManager.realAddLayer(MainLayerManager.java:282)
	at org.openstreetmap.josm.gui.layer.LayerManager.lambda$addLayer$0(LayerManager.java:218)
	at org.openstreetmap.josm.gui.layer.LayerManager$$Lambda$343/1386466327.run(Unknown Source)
	at org.openstreetmap.josm.gui.util.GuiHelper.runInEDTAndWaitWithException(GuiHelper.java:238)
	at org.openstreetmap.josm.gui.layer.LayerManager.addLayer(LayerManager.java:218)
	at org.openstreetmap.josm.gui.layer.LayerManager.addLayer(LayerManager.java:207)
	at org.openstreetmap.josm.actions.AddImageryLayerAction.actionPerformed(AddImageryLayerAction.java:151)
	at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022)
	at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2346)
	at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402)
	at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
	at javax.swing.AbstractButton.doClick(AbstractButton.java:376)
	at javax.swing.plaf.basic.BasicMenuItemUI.doClick(BasicMenuItemUI.java:833)
	at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(BasicMenuItemUI.java:877)
	at java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:289)
	at java.awt.Component.processMouseEvent(Component.java:6525)
	at javax.swing.JComponent.processMouseEvent(JComponent.java:3324)
	at java.awt.Component.processEvent(Component.java:6290)
	at java.awt.Container.processEvent(Container.java:2234)
	at java.awt.Component.dispatchEventImpl(Component.java:4881)
	at java.awt.Container.dispatchEventImpl(Container.java:2292)
	at java.awt.Component.dispatchEvent(Component.java:4703)
	at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4898)
	at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4533)
	at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4462)
	at java.awt.Container.dispatchEventImpl(Container.java:2278)
	at java.awt.Window.dispatchEventImpl(Window.java:2750)
	at java.awt.Component.dispatchEvent(Component.java:4703)
	at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758)
	at java.awt.EventQueue.access$500(EventQueue.java:97)
	at java.awt.EventQueue$3.run(EventQueue.java:709)
	at java.awt.EventQueue$3.run(EventQueue.java:703)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:86)
	at java.awt.EventQueue$4.run(EventQueue.java:731)
	at java.awt.EventQueue$4.run(EventQueue.java:729)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
	at java.awt.EventQueue.dispatchEvent(EventQueue.java:728)
	at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201)
	at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
	at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
	at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
	at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
	at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1479)
	... 70 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
	... 76 more

2019-01-08 15:51:00.356 SEVERE: org.openstreetmap.josm.tools.bugreport.ReportedException: java.lang.IllegalArgumentException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: java.lang.IllegalArgumentException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Cause: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
ReportedException [thread=Thread[AWT-EventQueue-0,6,main], exception=java.lang.IllegalArgumentException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, methodWarningFrom=null]
	at org.openstreetmap.josm.tools.bugreport.BugReport.intercept(BugReport.java:173)
	at org.openstreetmap.josm.gui.MapView.layerAdded(MapView.java:368)
	at org.openstreetmap.josm.gui.layer.LayerManager.fireLayerAdded(LayerManager.java:459)
	at org.openstreetmap.josm.gui.layer.LayerManager.realAddLayer(LayerManager.java:234)
	at org.openstreetmap.josm.gui.layer.MainLayerManager.realAddLayer(MainLayerManager.java:282)
	at org.openstreetmap.josm.gui.layer.LayerManager.lambda$addLayer$0(LayerManager.java:218)
	at org.openstreetmap.josm.gui.layer.LayerManager$$Lambda$343/1386466327.run(Unknown Source)
	at org.openstreetmap.josm.gui.util.GuiHelper.runInEDTAndWaitWithException(GuiHelper.java:238)
	at org.openstreetmap.josm.gui.layer.LayerManager.addLayer(LayerManager.java:218)
	at org.openstreetmap.josm.gui.layer.LayerManager.addLayer(LayerManager.java:207)
	at org.openstreetmap.josm.actions.AddImageryLayerAction.actionPerformed(AddImageryLayerAction.java:151)
	at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022)
	at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2346)
	at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402)
	at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
	at javax.swing.AbstractButton.doClick(AbstractButton.java:376)
	at javax.swing.plaf.basic.BasicMenuItemUI.doClick(BasicMenuItemUI.java:833)
	at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(BasicMenuItemUI.java:877)
	at java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:289)
	at java.awt.Component.processMouseEvent(Component.java:6525)
	at javax.swing.JComponent.processMouseEvent(JComponent.java:3324)
	at java.awt.Component.processEvent(Component.java:6290)
	at java.awt.Container.processEvent(Container.java:2234)
	at java.awt.Component.dispatchEventImpl(Component.java:4881)
	at java.awt.Container.dispatchEventImpl(Container.java:2292)
	at java.awt.Component.dispatchEvent(Component.java:4703)
	at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4898)
	at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4533)
	at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4462)
	at java.awt.Container.dispatchEventImpl(Container.java:2278)
	at java.awt.Window.dispatchEventImpl(Window.java:2750)
	at java.awt.Component.dispatchEvent(Component.java:4703)
	at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758)
	at java.awt.EventQueue.access$500(EventQueue.java:97)
	at java.awt.EventQueue$3.run(EventQueue.java:709)
	at java.awt.EventQueue$3.run(EventQueue.java:703)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:86)
	at java.awt.EventQueue$4.run(EventQueue.java:731)
	at java.awt.EventQueue$4.run(EventQueue.java:729)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
	at java.awt.EventQueue.dispatchEvent(EventQueue.java:728)
	at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201)
	at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
	at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
	at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
	at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
	at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
Caused by: java.lang.IllegalArgumentException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at org.openstreetmap.josm.gui.layer.WMTSLayer.getTileSource(WMTSLayer.java:69)
	at org.openstreetmap.josm.gui.layer.WMTSLayer.getTileSource(WMTSLayer.java:32)
	at org.openstreetmap.josm.gui.layer.AbstractTileSourceLayer.initializeIfRequired(AbstractTileSourceLayer.java:570)
	at org.openstreetmap.josm.gui.layer.AbstractTileSourceLayer.attachToMapView(AbstractTileSourceLayer.java:552)
	at org.openstreetmap.josm.gui.MapView.layerAdded(MapView.java:346)
	... 48 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1497)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:153)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:99)
	at org.openstreetmap.josm.io.CachedFile.checkLocal(CachedFile.java:501)
	at org.openstreetmap.josm.io.CachedFile.getFile(CachedFile.java:282)
	at org.openstreetmap.josm.io.CachedFile.getInputStream(CachedFile.java:224)
	at org.openstreetmap.josm.data.imagery.WMTSTileSource.getCapabilities(WMTSTileSource.java:414)
	at org.openstreetmap.josm.data.imagery.WMTSTileSource.<init>(WMTSTileSource.java:328)
	at org.openstreetmap.josm.gui.layer.WMTSLayer.getTileSource(WMTSLayer.java:62)
	... 52 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1479)
	... 70 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
	... 76 more

comment:82 by sarxos, 6 years ago

When switched to plain http I'm also observing this one in a log. Not sure if it's connected with the SSL issue, but still think it's worth to mention it:

2019-01-08 16:09:57.679 INFO: GET http://mapy.geoportal.gov.pl/wss/service/WMTS/guest/wmts/ORTO?SERVICE=WMTS&REQUEST=GetTile&VERSION=1.0.0&LAYER=ORTOFOTOMAPA&STYLE=default&FORMAT=image/jpeg&tileMatrixSet=EPSG:2180&tileMatrix=EPSG:2180:7&tileRow=38&tileCol=50 -> !!!
2019-01-08 16:09:57.680 WARNING: java.net.SocketException: Unexpected end of file from server
java.net.SocketException: Unexpected end of file from server
	at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:792)
	at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647)
	at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:789)
	at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1535)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
	at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:157)
	at org.openstreetmap.josm.tools.HttpClient.connect(HttpClient.java:99)
	at org.openstreetmap.josm.data.cache.JCSCachedTileLoaderJob.loadObject(JCSCachedTileLoaderJob.java:322)
	at org.openstreetmap.josm.data.cache.JCSCachedTileLoaderJob.run(JCSCachedTileLoaderJob.java:231)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)

comment:83 by sarxos, 6 years ago

I tested this on JNLP version of JOSM on my other Ubuntu machine (14.04, but with OpenJDK 1.8.0_171) and accessing it via SSL works well.

2019-01-08 16:24:41.167 INFO: Silent shortcut conflict: 'tools:turnrestriction' moved by 'Improve OSM:Solve issue' to 'Alt+Shift+F2'.
2019-01-08 16:24:41.543 INFO: GET https://mapy.geoportal.gov.pl/wss/service/WMTS/guest/wmts/ORTO?SERVICE=WMTS&REQUEST=GetCapabilities -> 200 (5.09 kB)
2019-01-08 16:24:41.618 INFO: AbstractTileSourceLayer: estimated visible tiles: 20, estimated cache size: 80
$ java -version
openjdk version "1.8.0_171"
OpenJDK Runtime Environment (build 1.8.0_171-8u171-b11-2~14.04-b11)
OpenJDK 64-Bit Server VM (build 25.171-b11, mixed mode)

comment:84 by Don-vip, 6 years ago

8u51? This version of Java is really, really old and no longer supported for years. I'm in favor of restoring https if it works with up to date versions of Java.

comment:85 by sarxos, 6 years ago

Hi @Don-vip,

I can confirm that upgrading Oracle Java 8 to build 191 indeed resolved SSL issue. I will revert Geoportal URLs on Wiki back to https.

$ java -version
java version "1.8.0_191"
Java(TM) SE Runtime Environment (build 1.8.0_191-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.191-b12, mixed mode)

comment:86 by sarxos, 6 years ago

@Don-vip, @stoecker,

Wiki changes reverting SSL back: https://josm.openstreetmap.de/wiki/Maps/Poland?action=diff&version=134

Thank you for your support!

comment:87 by Don-vip, 6 years ago

Thanks!

comment:88 by Don-vip, 6 years ago

Milestone: 19.0119.02

comment:89 by Don-vip, 6 years ago

Milestone: 19.0219.03

comment:90 by stoecker, 6 years ago

In 14871/josm:

See #16123 - move TestHTTPS ignores from script to IntegrationTestIgnores page

comment:91 by stoecker, 6 years ago

Not much progress as far as I can see.

News:

  • terinfo.ujbuda.hu → https works, but mapproxy not
  • freietonne → fixed links

Recent state:
copied to ticket text

Last edited 6 years ago by stoecker (previous) (diff)

comment:92 by stoecker, 6 years ago

Description: modified (diff)

comment:94 by stoecker, 6 years ago

Description: modified (diff)

Recent state

comment:96 by stoecker, 6 years ago

In 14919/josm:

see #16123 - use port 443 for tests always, not a specified non-standard port

comment:97 by stoecker, 6 years ago

In 14920/josm:

see #16123 - use port 443 for tests always, not a specified non-standard port - last variant failed with {switch:...} statements

comment:98 by stoecker, 6 years ago

Description: modified (diff)
Milestone: 19.0319.04

comment:99 by stoecker, 6 years ago

Description: modified (diff)

comment:100 by Don-vip, 6 years ago

Milestone: 19.0419.05

comment:101 by stoecker, 6 years ago

Description: modified (diff)

comment:102 by Klumbumbus, 6 years ago

Milestone: 19.05

Removing milestone as it seems not useful on this ticket. It would be postponed every month for years.

comment:103 by stoecker, 5 years ago

Description: modified (diff)

comment:104 by stoecker, 5 years ago

Milestone: Longterm

New milestone for such tickets.

comment:105 by stoecker, 5 years ago

Description: modified (diff)

Update.

comment:106 by stoecker, 5 years ago

There was a time of a lot of progress, but now TLS support seems stalled. That's a bit sad.

comment:107 by stoecker, 5 years ago

Description: modified (diff)

Didn't do this for a long time. Shame on me. I thought I only skipped one month...

Updates

comment:108 by stoecker, 5 years ago

Description: modified (diff)

in reply to:  107 comment:109 by skyper, 3 years ago

Replying to stoecker:

Didn't do this for a long time. Shame on me. I thought I only skipped one month...

Ping.

Last edited 3 years ago by skyper (previous) (diff)

Modify Ticket

Change Properties
Set your email in Preferences
Action
as new The owner will remain team.
as The resolution will be set. Next status will be 'closed'.
to The owner will be changed from team to the specified user.
Next status will be 'needinfo'. The owner will be changed from team to stoecker.
as duplicate The resolution will be set to duplicate. Next status will be 'closed'. The specified ticket will be cross-referenced with this ticket.
The owner will be changed from team to anonymous. Next status will be 'assigned'.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.