Clovertech

Chris

Forum Replies Created

Viewing 3 replies – 1 through 3 (of 3 total)
  • Author
    Replies
  • August 29, 2024 at 11:36 pm in reply to: JAVA/WS-Server – SSL Handshake Logging – Where is it? #121584
    Chris
    Participant

      Thanks Don. Arg -Djavax.net.debug=all, in particular, was sufficient for what I needed.

      P.S. — completely unrelated to the ws-server protocol but typing this out anyway — while working with the ws-client protocol, I encountered a “Certificate chaining error” erro,r indicating that the complete certificate chain was not present in my server’s truststore. In my case, comparing openssl outputs to the SSL debug output made it clear that I was missing a particular root CA cert (issuer of the cert presented by the target API). To avoid modifying this server’s truststore, I created a site-specific truststore and imported the full chain (including missing cert) via the keytool utility. However, even after updating the Conduit’s TLSv1.2 config to reference this new truststore, the error persisted.

      I eventually discovered that initializing the new truststore directly in the JVM (using the args below), instead of from the Conduit’s config, causes the truststore to be ‘applied’ as intended. Note, in addition to clearing out the Conduit’s TLS config, it is essential to disable the ‘Use TLS’ checkbox.

      -Djavax.net.debug=all
      -Dhttps.protocols=TLSv1.2,TLSv1.1
      -Ddeployment.security.TLSv1.2=true
      -Djavax.net.ssl.trustStore=/path/to/store.jks
      -Djavax.net.ssl.trustStorePassword=XXX

      On a broader note, it is disappointing to find how poorly documented the CAA-WS add-on is after all this time. I recognize that there are example sites in CL installs, and I could be missing formal docs, but AFAIK there is not even even basic info regarding (for ex.) basic ws-client TLS config.

      April 22, 2024 at 2:24 pm in reply to: Forums are now open #121329
      Chris
      Participant

        Hi. Are there any plans to shift Clovertech to a more modern BBS, or even something like Slack? I’m grateful to have access to Clovertech, but as it stands the medium (WP) feels extremely dated, and I find effective use of Search for example to be extremely challenging.

        April 22, 2024 at 2:19 pm in reply to: Basic Tutorial for Using SQLite With Cloverleaf #121328
        Chris
        Participant

          Hi, have a question about protocol Database-Inbound and unlimited vs. limited max row (per read) config. From related Cloverleaf docs (paraphrasing) —

          “The other option enables you to set the maximum row number of query results. If you specify an uncertified DBMS that does not support the max row setting, Max Row Per Read must be set to Unlimited.”

          Coming in, I would’ve assumed that limiting rows would use LIMIT and OFFSET to (eventually) work through the entire query result set, but processing appears to return the same X results upon each read attempt, and I’m not seeing those clauses in the processes’ EO SQL statement output.

          Is this the expected outcome? If not, is this outcome related to use of an “uncertified DBMS”? If yes, where can I find a list of supported DMBSs?

          To add context – I’m using sqlite and running into heap space issues when using unlimited, so trying to determine how best to sequentially step through the full query result return (~150k rows).

        • Author
          Replies
        Viewing 3 replies – 1 through 3 (of 3 total)