Project

General

Profile

Anomalie #17841

Erreur Certificat / Horodatage (SR-32187 Contralia)

Added by Ludovic ARAUJO over 1 year ago. Updated 4 months ago.

Status:
Clôturée
Priority:
3-Mineur
Assignee:
-
Target version:
Start date:
07/26/2021
Due date:
Tags Parapheur:

Description

Une erreur avec la prod contralia survient (fonctionne en test) :
~~~
"message": "Certificate path could not be build for \"\/C=FR\/ST=75\/L=PARIS\/O=LA POSTE - DSI COURRIER\/OU=0002 356000000\/serialNumber=ACP-HORO-560-003\/CN=HORODATAGE_DE_LA_POSTE_TSU_560_003\".
Check your trusted certificates.",

"file": "\/var\/www\/html\/MaarchParapheur\/plugins\/SetaPDF-Signer\/library\/SetaPDF\/Signer\/ValidationRelatedInfo\/Collector.php",
"line": 396,
"trace": [
"#0 \/var\/www\/html\/MaarchParapheur\/plugins\/SetaPDF-Signer\/library\/SetaPDF\/Signer\/ValidationRelatedInfo\/Collector.php(664): SetaPDF_Signer_ValidationRelatedInfo_Collector->buildPath(Object(SetaPDF_Signer_X509_Certificate), Object(DateTime), NULL)",
"#1 \/var\/www\/html\/MaarchParapheur\/plugins\/SetaPDF-Signer\/library\/SetaPDF\/Signer\/ValidationRelatedInfo\/Collector.php(507): SetaPDF_Signer_ValidationRelatedInfo_Collector->_processCertificate(Object(SetaPDF_Signer_ValidationRelatedInfo_Result), 6, Object(DateTime), NULL)",
"#2 \/var\/www\/html\/MaarchParapheur\/plugins\/SetaPDF-Signer\/library\/SetaPDF\/Signer\/ValidationRelatedInfo\/Collector.php(1023): SetaPDF_Signer_ValidationRelatedInfo_Collector->_getByLeftCertificates(Object(SetaPDF_Signer_ValidationRelatedInfo_Result), Array, 6, NULL, NULL)",
"#3 \/var\/www\/html\/MaarchParapheur\/plugins\/SetaPDF-Signer\/library\/SetaPDF\/Signer\/ValidationRelatedInfo\/Collector.php(1111): SetaPDF_Signer_ValidationRelatedInfo_Collector->getBySignedData(Object(SetaPDF_Signer_Cms_SignedData), 6, NULL, NULL, Object(SetaPDF_Signer_ValidationRelatedInfo_Result))",
"#4 \/var\/www\/html\/MaarchParapheur\/plugins\/SetaPDF-Signer\/library\/SetaPDF\/Signer\/ValidationRelatedInfo\/Collector.php(1073): SetaPDF_Signer_ValidationRelatedInfo_Collector->getByIntegrityResult(Object(SetaPDF_Signer_ValidationRelatedInfo_IntegrityResult), 6, NULL, NULL, Object(SetaPDF_Signer_ValidationRelatedInfo_Result))",
"#5 \/var\/www\/html\/MaarchParapheur\/src\/app\/document\/controllers\/DigitalSignatureController.php(398): SetaPDF_Signer_ValidationRelatedInfo_Collector->getByFieldName(Object(SetaPDF_Core_Document), 'Signature')",
"#6 \/var\/www\/html\/MaarchParapheur\/src\/app\/document\/controllers\/DigitalSignatureController.php(280): Document\controllers\DigitalSignatureController::timestampHashes(Array)",
"#7 \/var\/www\/html\/MaarchParapheur\/src\/app\/document\/controllers\/DocumentController.php(856): Document\controllers\DigitalSignatureController::signHashes(Array)",
"#8 [internal function]: Document\controllers\DocumentController->setAction(Object(Slim\Http\Request), Object(Slim\Http\Response), Array)",
"#9 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/Handlers\/Strategies\/RequestResponse.php(40): call_user_func(Array, Object(Slim\Http\Request), Object(Slim\Http\Response), Array)",
"#10 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/Route.php(281): Slim\Handlers\Strategies\RequestResponse->invoke(Array, Object(Slim\Http\Request), Object(Slim\Http\Response), Array)",
"#11 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/MiddlewareAwareTrait.php(117): Slim\Route->invoke(Object(Slim\Http\Request), Object(Slim\Http\Response))",
"#12 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/Route.php(268): Slim\Route->callMiddlewareStack(Object(Slim\Http\Request), Object(Slim\Http\Response))",
"#13 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/App.php(503): Slim\Route->run(Object(Slim\Http\Request), Object(Slim\Http\Response))",
"#14 \/var\/www\/html\/MaarchParapheur\/rest\/index.php(46): Slim\App->invoke(Object(Slim\Http\Request), Object(Slim\Http\Response))",
"#15 [internal function]: Closure->{closure}(Object(Slim\Http\Request), Object(Slim\Http\Response), Object(Slim\App))",
"#16 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/DeferredCallable.php(57): call_user_func_array(Object(Closure), Array)",
"#17 [internal function]: Slim\DeferredCallable->_invoke(Object(Slim\Http\Request), Object(Slim\Http\Response), Object(Slim\App))",
"#18 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/MiddlewareAwareTrait.php(70): call_user_func(Object(Slim\DeferredCallable), Object(Slim\Http\Request), Object(Slim\Http\Response), Object(Slim\App))",
"#19 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/MiddlewareAwareTrait.php(117): Slim\App->Slim{closure}(Object(Slim\Http\Request), Object(Slim\Http\Response))",
"#20 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/App.php(392): Slim\App->callMiddlewareStack(Object(Slim\Http\Request), Object(Slim\Http\Response))",
"#21 \/var\/www\/html\/MaarchParapheur\/vendor\/slim\/slim\/Slim\/App.php(297): Slim\App->process(Object(Slim\Http\Request), Object(Slim\Http\Response))",
"#22 \/var\/www\/html\/MaarchParapheur\/rest\/index.php(151): Slim\App->run()",
"#23 {main}"
]
~~~

Cela fonctionne avec les API DOCAPOSTE sur l'URL test.contralia.fr mais pas avec les API sur l'URL de prod www.contralia.fr.
Les certificats d'horodatage ne proviennent alors pas des mêmes entités :

Test :
cn=DOCAPOSTE - UNITE HORODATAGE
serialNumber=84169EKE258
ou=0002 320217144
2.5.4.97=NTRFR-320217144
o=DOCAPOSTE BPO
l=Ivry Sur Seine
st=94
c=FR

Prod :
CN=HORODATAGE_DE_LA_POSTE_TSU_560_003
serialNumber=ACP-HORO-560-003
OU=0002 356000000
O=LA POSTE - DSI COURRIER
L=PARIS
ST=75
C=FR

Vu avec le client.

History

#2 Updated by Emmanuel DILLARD over 1 year ago

  • Subject changed from Singature DOCAPOSTE to Certificat / Horodatage DOCAPOSTE
  • Due date changed from 07/27/2021 to 08/02/2021
  • Status changed from A qualifier to A étudier

#3 Updated by Emmanuel DILLARD over 1 year ago

  • Status changed from A étudier to Complément d'Informations
  • Assignee changed from Emmanuel DILLARD to Ludovic ARAUJO

#6 Updated by Ludovic ARAUJO over 1 year ago

  • Status changed from Complément d'Informations to A traiter
  • Assignee deleted (Ludovic ARAUJO)

info de contralia :

Bonjour, Pourriez-vous faire l'essai avec cette adresse https://www.contralia.fr/Contralia/login/auth ? Merci de votre retour. Cordialement.

#7 Updated by Emmanuel DILLARD over 1 year ago

  • Due date deleted (08/02/2021)
  • Status changed from A traiter to Prêt à embarquer

#8 Updated by Emmanuel DILLARD over 1 year ago

  • Status changed from Prêt à embarquer to En cours de dev (S)

#9 Updated by Emmanuel DILLARD over 1 year ago

  • Due date set to 08/06/2021

#11 Updated by Guillaume HEURTIER over 1 year ago

  • Assignee set to Guillaume HEURTIER

#12 Updated by Guillaume HEURTIER over 1 year ago

L'URL donné (https://www.contralia.fr/Contralia/login/auth) renvoi sur la page de connexion de l'interface de Contralia, cette URL ne peut donc pas être utilisée dans la config de Maarch Parapheur.

J'ai quand même testé l'envoi à Contralia (avec le mode de signature Cachet) avec ces URL :

https://test.contralia.fr:443/Contralia/api/v2 -> OK
https://test.contralia.fr:443/Contralia/login/auth -> KO (normal, c'est l'url de connexion vers l'interface, pas vers l'API)
https://www.contralia.fr/Contralia/api/v2 -> KO (normal, je n'ai pas de compte sur l'environnement de prod)
https://www.contralia.fr/Contralia/login/auth -> KO (normal, c'est l'url de connexion vers l'interface + je n'ai pas de compte sur l'environnement de prod)

À première vu, puisque ça fonctionne sur l'environnement de test et pas la prod je ne vois pas ce que l'on pourrait faire de plus.
Il pourrait être intéressant d'avoir un compte sur l'environnement de prod de Contralia pour tester et confirmer.

#13 Updated by Guillaume HEURTIER over 1 year ago

  • Status changed from En cours de dev (S) to Complément d'Informations
  • Assignee changed from Guillaume HEURTIER to Ludovic ARAUJO

#15 Updated by Emmanuel DILLARD over 1 year ago

  • Subject changed from Certificat / Horodatage DOCAPOSTE to Certificat / Horodatage DOCAPOSTE CONTRALIA

#17 Updated by Emmanuel DILLARD over 1 year ago

  • Subject changed from Certificat / Horodatage DOCAPOSTE CONTRALIA to Erreur Certificat / Horodatage (Docaposte Certinomis)
  • Assignee changed from Ludovic ARAUJO to Emmanuel DILLARD

Envoi mail tous contacts identifiés - importance haute

Objectif : identifier un support éditeur pour Certinomis (cf à l'image de Maileva)

#18 Updated by Emmanuel DILLARD over 1 year ago

  • Subject changed from Erreur Certificat / Horodatage (Docaposte Certinomis) to Erreur Certificat / Horodatage (Docaposte Contralia -> Certinomis)

#23 Updated by Emmanuel DILLARD over 1 year ago

  • Due date changed from 08/06/2021 to 08/20/2021

#25 Updated by Emmanuel DILLARD over 1 year ago

  • Assignee changed from Emmanuel DILLARD to Ludovic ARAUJO

#27 Updated by Emmanuel DILLARD over 1 year ago

  • Subject changed from Erreur Certificat / Horodatage (Docaposte Contralia -> Certinomis) to Erreur Certificat / Horodatage (SR-32187 Contralia)

#29 Updated by Emmanuel DILLARD over 1 year ago

  • Priority changed from 0-Bloquant to 2-Sérieux

#30 Updated by Emmanuel DILLARD over 1 year ago

  • Target version changed from 288 to 21.03 TMA5

#31 Updated by Emmanuel DILLARD 10 months ago

  • Priority changed from 2-Sérieux to 3-Mineur

#32 Updated by Emmanuel DILLARD 10 months ago

  • Due date deleted (08/20/2021)

#33 Updated by Emmanuel DILLARD 4 months ago

  • Assignee changed from Ludovic ARAUJO to Arnaud PAUGET

#34 Updated by Arnaud PAUGET 4 months ago

  • Status changed from Complément d'Informations to Clôturée
  • Assignee deleted (Arnaud PAUGET)

Clôture suite à la clôture du ticket client.

Also available in: Atom PDF