Question

FME server GUI issue while running services: "There was an error submitting the job."

  • 6 December 2018
  • 8 replies
  • 23 views
geojanmov

Hello FME community,

In order to configure HTTPS we followed the steps in the admin guide at http://docs.safe.com/fme/html/FME_Server_Documentation/Content/AdminGuide/configuring_for_https.htm. After this configuration we get an error on running services with the GUI button: "There was an error submitting the job."

We've looked at the following troubleshooting guide: https://knowledge.safe.com/articles/49624/fme-server-and-https-troubleshooting-guide.html, however we couldn't explain the error message.

Does anyone know a solution for this error message?

8 replies

H
Badge +2

Hi @geojan,

In the FME Server Web UI under Admin > System Configuration > Networking > Services you will likely need to 'Change All Hosts' to change the URLs from http to https.

Please let me know if this does not fix the issue.

geojanmov

Hi @geojan,

In the FME Server Web UI under Admin > System Configuration > Networking > Services you will likely need to 'Change All Hosts' to change the URLs from http to https.

Please let me know if this does not fix the issue.

Hi @hollyatsafe, thanks for your response. We already changed the URLs to HTTPS, so this doesn't solve our problem. Any other ideas?

H
Badge +2

Hi @hollyatsafe, thanks for your response. We already changed the URLs to HTTPS, so this doesn't solve our problem. Any other ideas?

Hi @geojan,

Ok, did you also complete step 4 in the instructions you linked - updated the fmeServerConfig FME_SERVER_WEB_URL parameter?

Please could you share the Catalina and localhost_ access logs (resources/logs/tomcat) as well as the fmeserver logs (resources/logs/core) so we can see if they contain any more information on the error.

 

geojanmov

Hi @geojan,

Ok, did you also complete step 4 in the instructions you linked - updated the fmeServerConfig FME_SERVER_WEB_URL parameter?

Please could you share the Catalina and localhost_ access logs (resources/logs/tomcat) as well as the fmeserver logs (resources/logs/core) so we can see if they contain any more information on the error.

 

Sure, hereby the demanded log files:

catalina.txt

fmeserver.txt

localhost_access_log.2018-12-06.txt.txt

 

H
Badge +2

Sure, hereby the demanded log files:

catalina.txt

fmeserver.txt

localhost_access_log.2018-12-06.txt.txt

 

Hi @geojan,

Thank you for sharing those. In the Catalina log there is a severe warning: 

PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

For your Self Signed Certificate what is the extension and the signing authority? I suspect it is .pfx in which case you may need to carry out some additional configuration steps. Please review the following articles to help get this set up: 

https://knowledge.safe.com/articles/80611/fme-server-and-httpsssl-pfx-certificate.html

https://knowledge.safe.com/articles/19708/pkix-path-issues-when-configuring-ssl-for-fme-serv.html

geojanmov

Hi @geojan,

Thank you for sharing those. In the Catalina log there is a severe warning: 

PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

For your Self Signed Certificate what is the extension and the signing authority? I suspect it is .pfx in which case you may need to carry out some additional configuration steps. Please review the following articles to help get this set up: 

https://knowledge.safe.com/articles/80611/fme-server-and-httpsssl-pfx-certificate.html

https://knowledge.safe.com/articles/19708/pkix-path-issues-when-configuring-ssl-for-fme-serv.html

Hello @hollyatsafe, Sorry for the very late response. The extension of the certificate is .p7b and the signing authority is my organisation. Should we than take extra configuration steps? If so, which ones?

H
Badge +2

Hello @hollyatsafe, Sorry for the very late response. The extension of the certificate is .p7b and the signing authority is my organisation. Should we than take extra configuration steps? If so, which ones?

Hi @geojan,

  1. Can you check the certificate status and expiration date in your browser.
  2. Can you also use OpenSSL for more detailed debugging (https://www.endpoint.com/blog/2017/10/04/pkix-path-validation-failed-debugging) to confirm certificate status is valid.
  3. Can you confirm you imported the certificate into the cacerts as well?
  4. Can you run through this troubleshooting guide

If all of these are ok then please try removing the certificate from the keystone and following these instructions to reinstall the certificate.

geojanmov

Hi @geojan,

  1. Can you check the certificate status and expiration date in your browser.
  2. Can you also use OpenSSL for more detailed debugging (https://www.endpoint.com/blog/2017/10/04/pkix-path-validation-failed-debugging) to confirm certificate status is valid.
  3. Can you confirm you imported the certificate into the cacerts as well?
  4. Can you run through this troubleshooting guide

If all of these are ok then please try removing the certificate from the keystone and following these instructions to reinstall the certificate.

@hollyatsafe, thanks for your response again. WIth upgrading to FME Server 2019.0.0.1 and reinstalling the certificate the issue was solved!

Reply


Community Stats

28,731
Posts
109,530
Replies
36,565
Members
Terms & ConditionsCookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.