Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PKIX path building failed . TLS cert check failure on directory delete #3397

Closed
cyberduck opened this issue Aug 10, 2009 · 3 comments
Closed

PKIX path building failed . TLS cert check failure on directory delete #3397

cyberduck opened this issue Aug 10, 2009 · 3 comments

Comments

@cyberduck
Copy link
Collaborator

@cyberduck cyberduck commented Aug 10, 2009

geoff created the issue

Apache 2.2, mod_dav, Solaris,Intel. SSL-WebDAV on non standard port (4705). Adding files or dirs, no problems. Deleting files, fine. Deleting directory (was fine until recent Cyberduck update) throws an exception of type:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

The SSL TLS log entry

[10/Aug/2009:08:13:57 -0700] 64.X.X.X  TLSv1 RC4-MD5 "DELETE /test1 HTTP/1.1" 242
[10/Aug/2009:08:13:58 -0700] 64.X.X.X TLSv1 RC4-MD5 "PROPFIND / HTTP/1.1" 631
[10/Aug/2009:08:13:58 -0700] 64.X.X.X TLSv1 RC4-MD5 "PROPFIND / HTTP/1.1" 8634

Same cert works perfectly for SSL web connections via browsers. Recreating the cert trust chain in java on osx made no difference.

Changing to no SSL, works fine. Can't use that as Cyberduck only understands Basic Auth, if it did DigestAuth we could scrape by with no SSL. Can't have merely hashed passwds in the clear, as in Basic Auth.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Aug 10, 2009

@dkocher commented

Use the following workaround:

defaults write ch.sudo.cyberduck webdav.tls.acceptAnyCertificate true

in Terminal.app window and restart Cyberduck.

Loading

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Aug 10, 2009

@dkocher commented

Replying to [3397 geoff]:

Can't use that as Cyberduck only understands Basic Auth, if it did DigestAuth we could scrape by with no SSL. Can't have merely hashed passwds in the clear, as in Basic Auth.

We do support Basic, Digest and NTLM Authentication.

Loading

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Apr 10, 2010

@dkocher commented

Duplicate for #2443. Is the server publicy reachable to debug this issue?

Loading

@cyberduck cyberduck closed this Apr 10, 2010
@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants