Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-9449

Missing secure port in URLs when sending mails



    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Release Branch 16.11, Trunk
    • 16.11.04
    • framework
    • None


      While working on an issue reported by Pierre Gaudin on user ML https://s.apache.org/gDo3, here quoted:

      While testing the sending of a new password on a local trunk, I meet an error.
      Here are the stapes to reproduce:

      • ont the login page click on 'Forgot Your Password?'
      • an email is sent with a link
      • click the link
      • a form is display allowing to indicate the new password
      • clik on submit button and then an error message is display

      In the local OFBiz log i can see this errror message :

      > Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@42f40da].

      If i do the same on on trunk demo i see this error message :

      > org.apache.ofbiz.entity.EntityCryptoException: org.apache.ofbiz.entity.EntityCryptoException: key(Secret Key) not found in database (key(Secret Key) not found in database)
      > at org.apache.ofbiz.entity.util.EntityCrypto.decrypt(EntityCrypto.java:138) ~[ofbiz.jar:?]
      > at org.apache.ofbiz.webapp.control.LoginWorker.login(LoginWorker.java:336) [ofbiz.jar:?]

      I found another issue while testing: the port 8443 is missing in the URL used underneath by the form reported by Pierre.

      It was broken by OFBIZ-9206 where I removed the value of port.https in url.properties. It's not an issue if you set the value of port.https, or let it empty when using a SSL certificate on a production server. But if you try locally (localhost) then the URL misses the 8443 port.


        Issue Links



              jleroux Jacques Le Roux
              jleroux Jacques Le Roux
              0 Vote for this issue
              1 Start watching this issue