RE: https external-graphics

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

RE: https external-graphics

Neil Smeby

Aha! I found the problem. Turns out I was using -Djava.ext.dirs=<path to fop> to execute FOP so that the dynamic class loading worked. But there's a built in way by using -Dfop.home= instead. The java.ext.dirs causes the java SSL connection to fail with a "RSA premaster secret error" that seems to get swallowed by the FOP exception handling here (google that error for details). In general maybe FOP could better log errors.
Probably a try/catch+log around the openStream call in the NormalResourceResolver class in the getResource method, but maybe also elsewhere to catch actual I/O errors.


-----Original Message-----
From: Neil Smeby
Sent: Tuesday, January 8, 2019 12:34 PM
To: '[hidden email]' <[hidden email]>
Subject: RE: https external-graphics

(sorry to break the thread chain, I just recently joined the list and missed the original responses)

So the example image I was trying to use in FOP was a random google image search result (for foo) that was on a BBC media server that had https with a valid signed (not self-signed) certificate. And when I try to fetch the image using the simple java program below, it works fine. So it doesn't seem to be a JDK or certificate problem. Can someone else test the .fo file in my original email? Feel free to replace the image url with an https reference you trust.


public class foo {
    public static void main(String[] args) throws Exception {
        URL url = new URL("");
        URLConnection connection = url.openConnection();
        InputStream is = connection.getInputStream();

        BufferedReader in = new BufferedReader(new InputStreamReader(is));

        StringBuilder response = new StringBuilder();
        String inputLine;

        while ((inputLine = in.readLine()) != null)



To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]