Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PKIX path building failed . TLS cert check failure on directory delete #3397

Closed
cyberduck opened this issue Aug 10, 2009 · 3 comments
Closed

PKIX path building failed . TLS cert check failure on directory delete #3397

cyberduck opened this issue Aug 10, 2009 · 3 comments
Assignees
@dkocher
Labels
bug duplicate webdav WebDAV Protocol Implementation

Comments

@cyberduck
Copy link
Collaborator

geoff created the issue

Apache 2.2, mod_dav, Solaris,Intel. SSL-WebDAV on non standard port (4705). Adding files or dirs, no problems. Deleting files, fine. Deleting directory (was fine until recent Cyberduck update) throws an exception of type:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

The SSL TLS log entry

[10/Aug/2009:08:13:57 -0700] 64.X.X.X  TLSv1 RC4-MD5 "DELETE /test1 HTTP/1.1" 242
[10/Aug/2009:08:13:58 -0700] 64.X.X.X TLSv1 RC4-MD5 "PROPFIND / HTTP/1.1" 631
[10/Aug/2009:08:13:58 -0700] 64.X.X.X TLSv1 RC4-MD5 "PROPFIND / HTTP/1.1" 8634

Same cert works perfectly for SSL web connections via browsers. Recreating the cert trust chain in java on osx made no difference.

Changing to no SSL, works fine. Can't use that as Cyberduck only understands Basic Auth, if it did DigestAuth we could scrape by with no SSL. Can't have merely hashed passwds in the clear, as in Basic Auth.
@cyberduck
Copy link
Collaborator Author

@dkocher commented

Use the following workaround:

defaults write ch.sudo.cyberduck webdav.tls.acceptAnyCertificate true

in Terminal.app window and restart Cyberduck.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Replying to [3397 geoff]:

Can't use that as Cyberduck only understands Basic Auth, if it did DigestAuth we could scrape by with no SSL. Can't have merely hashed passwds in the clear, as in Basic Auth.

We do support Basic, Digest and NTLM Authentication.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Duplicate for #2443. Is the server publicy reachable to debug this issue?

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@dkocher dkocher

Labels
bug duplicate webdav WebDAV Protocol Implementation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dkocher @cyberduck