Spectrum Spatial (SSA/LIM)

 View Only
  • 1.  Https, can't seem to get it working, getting errors

    Posted 05-11-2022 01:34
      |   view attached
    I have purchased a new certificate from digicert.  Created a new Keystore and Truststore and installed the certificates into the new stores.
    Server is windows 2019 VM server, in Microsoft Azure

    I then edited the # Spectrum HTTP settings as below
    # Spectrum HTTP settings
    ################################################################################
    spectrum.http.default.protocol=https
    #spectrum.http.enabled=true
    #spectrum.http.port=8080
    spectrum.https.enabled=true
    spectrum.https.port=8443
    spectrum.https.encryption.keystoreType=pkcs12
    spectrum.https.encryption.keystore=../conf/certs/Ararat-keystore.p12
    spectrum.https.encryption.keystorePassword=xxxxxxx
    spectrum.https.encryption.keystoreAlias=spectrum
    spectrum.https.encryption.truststoreType=pkcs12
    spectrum.https.encryption.truststore=../conf/certs/Ararat-truststore.p12

    and also the ssl settings as below.

    # Spectrum ssl settings
    ################################################################################
    spectrum.encryption.enabled=false
    spectrum.encryption.algorithm=JASYPT
    spectrum.encryption.keystoreAlias=spectrum
    spectrum.encryption.keystoreType=pkcs12
    spectrum.encryption.keystore=../conf/certs/Ararat-keystore.p12
    spectrum.encryption.keystorePassword=xxxxxxxx
    spectrum.encryption.truststoreType=pkcs12
    spectrum.encryption.truststore=../conf/certs/Ararat-truststore.p12
    spectrum.encryption.truststorePassword=xxxxxxxx
    spectrum.encryption.validateCerts=true
    spectrum.encryption.trustAllHosts=false
    spectrum.encryption.selfSignedCert=false

    spectrum.https.encryption.truststorePassword=xxxxxxx
    spectrum.https.encryption.validateCerts=false
    spectrum.https.encryption.selfSignedCert=false
    spectrum.https.encryption.trustAllHosts=false

    I also edited the the runtime settings
    # Spectrum runtime settings
    ################################################################################
    spectrum.runtime.hostname=GIS.ararat.vic.gov.au
    spectrum.runtime.port=8443

    when I test the certificate with a browser I get an error "Error code: SSL_ERROR_NO_CYPHER_OVERLAP"
    When I test the certificate with the Digicert tool I get an error "a valid handshake could not be established"

    I have installed the certificate on several other windows servers including the confirm server using IIS and it works fine with no issues.

    I have no idea whats going on here and can't seem to find a cure.
    Has anyone get any ideas on what to look at to fix the problem???
    Much appreciate any help I can get with this issue.

    ------------------------------
    Russell Ferguson
    Ararat Rural City Council
    Ararat VIC
    ------------------------------


  • 2.  RE: Https, can't seem to get it working, getting errors

    Posted 05-12-2022 17:58
    Hi Russell,

    I will respond shortly via email to your support case logged with us. 

    Regards. Matt

    ------------------------------
    Matt Smith
    The Spatial Distillery
    Sydney NSW
    ------------------------------