Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
Table of Contents
minLevel3
stylenone

...

Which versions of Java are supported?

MessageHandler runs only with Oracle Java. The following versions are supported:

...

Note: the Unlimited Strength Jurisdiction Policy Files must be provided in the Java installation, if you plan to use the PDF signing feature of MessageHandler. The Unlimited Strength Jurisdiction Policy Files must be downloaded from the Oracle website. For Java 7, for Java 8.

Installation on Microsoft Windows

Does MessageHandler work on Microsoft Windows 64 bit?

...

Download Microsoft Fix-it from support.microsoft.com or download it from Open eGov Wiki.

Installation on servers in Windows Domains

The local service account has to be used, if the server is a member in a Windows domain. Using a domain with local adminstrator rights will not work.

How to configure directory and file names for Windows?

...

Code Block
languagehtml/xml
themeConfluence
<outbox dirPath="//fileserver.some.domain.ch/interface/outbox" msgType="10301">
MessageHandler logs an ERROR on startup

If starting MessageHandler for the first time after a fresh installation, you will notice the following error message in the file 

...

Mehrere Instanzen auf einer einzigen Windows Maschine

(warning) Generell empfehlen wir, pro Maschine nur eine sedex Client und MessageHandler Instanz zu installieren. 

Wenn Sie auf einer einzigen Windows Maschine mehrere Instanzen des MessageHandlers betreiben wollen, gehen Sie wie folgt vor:

  • Installieren Sie pro gewünschte MessageHandler Instanz einen sedex Client. Die Installation und Konfiguration mehrerer sedex Clients ist hier nicht beschrieben. Fahren Sie erst weiter, wenn jede der sedex Client Instanzen korrekt funktioniert.
  • Sie brauchen pro MessageHandler Instanz ein separates Installationsverzeichnis (z.B. c:\mh-SEDEXID, wo SEDEXID die sedex ID des entsprechenden eSchKG Teilnehmers ist) und separate Arbeitsverzeichnisse.
  • Passen Sie die Variablen wrapper.ntservice.namewrapper.ntservice.displaynamewrapper.ntservice.description in der Datei conf/wrapper.conf jeder Instanz entsprechend Ihren Bedürfnissen an.
  • Passen Sie den Port der Webservice Schnittstelle von Messagehandler in jeder Instanz an (Attribut /config/messageHandler/webserviceInterface/@port in der Datei conf/config.xml). Jede Instanz braucht einen eigenen Port, sonst kann der Messagehandler den Webservice nicht starten.

MessageHandler logs an ERROR on startup

If starting MessageHandler for the first time after a fresh installation, you will notice the following error message in the file 

Code Block
[ERROR] WrapperListener_start_runner DbLogService Table not found in 
statement [DELETE FROM status WHERE (received_date IS NULL AND 
DATEDIFF('dd', sent_date, CURRENT_TIMESTAMP) > ?)  OR DATEDIFF('dd', 
received_date, CURRENT_TIMESTAMP) > ?] ParametersQuery: [2, 2]

This error message can be ignored, as a automatic cleanup job of MessageHandler tries to cleanup a database table, which has not yet been created.

MessageHandler service fails to start with signature error

...

DELETE FROM status WHERE 
(received_date IS NULL AND DATEDIFF('dd', sent_date, CURRENT_TIMESTAMP) > ?) 
OR DATEDIFF('dd', received_date, CURRENT_TIMESTAMP) > ? Parameters: [2, 2]

This error message can be ignored, as a automatic cleanup job of MessageHandler tries to cleanup a database table, which has not yet been created.

MessageHandler service fails to start with signature error

To start the Java application as a native Windows service the Tanuki Wrapper is used. This executable is signed and the corresponding certificate must be trusted by the operating system. If this isn’t the case the following statements are logged into wrapper.log

...

Please follow the instructions on https://wrapper.tanukisoftware.com/doc/german/troubleshooting.html#9 to solve this issue.

MessageHandler startup fails with error 'Caused by: java.io.FileNotFoundException: ....\${ADAPTER_HOME}\certificate\prod-bit\...'

When you try to configure a signing outbox for a nativeApp and the startup of MessageHandler fails with an error message (found in log file log\message-handler.log) like

...

  • start you favourite file editor and load the the certificate configuration file of your sedex adapter (usually  ..\adapter\conf\certificateConfiguration.xml)
  • replace the all occurences of  ${ADAPTER_HOME}  with the path of your sedex installation directory

MessageHandler startup fails with error 'Unable to validate sedex certificate config. ex: Content is not allowed in prolog.'

When you try to configure a signing outbox for a nativeApp and the startup of MessageHandler fails with an error message (found in log file log\message-handler.log) like

...

in this case there is most probaly a UTF-8 BOM (byte order mark) at the very beginning of  the certificate configuration file of your sedex client (usually  ..\adapter\conf\certificateConfiguration.xml). Use a text editor like Notepad++ (on Windows) to convert the file to a UTF-8 file without the BOM (or use a binary editor and remove the 3 first bytes EF BB BF).

MessageHandler verarbeitet die Files aus der sedex inbox nicht

Wenn der MessageHandler die Files aus der sedex inbox nicht verarbeitet, dann liegt das typischerweise an fehlenden Berechtigungen.

...

Sie müssen hier den User eintragen, der die Berechtigung hat, das Directory zu lesen und zu schreiben.

MessageHandler does not forward the eSchKG/e-LP/e-LEF to the right sedex recipient

MessageHandler determines the sedex ID of the recipient by inspecting the names of the files. A Groovy script is responsible to fumble the sedex ID out of the filenames. The Groovy script has to be configured in the file config.xml in the participantIdResolver tag.

...

Code Block
/**
 * Leitet aus einem übergebenen Filenamen die sedex ID des Empfängers
 * ab.
 * Dieser Resolver funktioniert für
 * - eSchKG Meldungen
 *   sedex ID wird aus dem Filenamen extrahiert.
 *
 * @param filename the name of the file to be sent including path
 * @return the resolved Sedex-ID or an empty string
 *
 * Igor Metz, 2011-10-20
 */
def String resolve(String filename) {
  // Wenn das File in der eSchKG Outbox liegt, geht es an den im Filenamen
  // bezeichneten Empfänger
  def matcher = (filename =~ /^.*\/([1-9]-[0-9A-Z]+-[0-9]+)_.*/)
  if (matcher.matches()) {
    return matcher.group(1)
  }

  // Wenn alle Stricke reissen: leer zurückgeben
  return ''
}
MessageHandler produces warning "message sent by the Sedex adapter, but there is no envelope in the Sedex sent directory"

This warning can safely be ignored. MessageHandler produces this warning when it has to process a larger batch of eSchKG/e-LP/e-LEF messages and the Sedex adapter already sent out some of the produces Sedex messages while MessageHandler is still processing the batch. The MessageHandler is then surprised by missing envelopes.

MessageHandler refuses to sign PDF files

If MessageHandler fails to sign PDF files and logs a FATAL error like this in message-handler.log 

Code Block
2016-03-01 13:38:30.881 [FATAL] DefaultQuartzScheduler_Worker-6 SenderSessionImpl Not able to sign PDFs. Ex when signing: Cannot open certificate. Is the password correct?, Signing Outbox: signingoutbox
ch.admin.suis.msghandler.signer.SignerException: Ex when signing: Cannot open certificate. Is the password correct?, Signing Outbox: signingoutbox
	at ch.admin.suis.msghandler.signer.Signer.sign(Signer.java:159)
	at ch.admin.suis.msghandler.signer.Signer.sign(Signer.java:96)
	at ch.admin.suis.msghandler.sender.SenderSessionImpl.handleSigning(SenderSessionImpl.java:282)
	at ch.admin.suis.msghandler.sender.SenderSessionImpl.createMessages(SenderSessionImpl.java:108)
	at ch.admin.suis.msghandler.sender.Sender.execute(Sender.java:63)
	at/^.*\/([1-9]-[0-9A-Z]+-[0-9]+)_.*/)
  if (matcher.matches()) {
    return matcher.group(1)
  }

  // Wenn alle Stricke reissen: leer zurückgeben
  return ''
}

MessageHandler produces warning "message sent by the Sedex adapter, but there is no envelope in the Sedex sent directory"

This warning can safely be ignored. MessageHandler produces this warning when it has to process a larger batch of eSchKG/e-LP/e-LEF messages and the Sedex adapter already sent out some of the produces Sedex messages while MessageHandler is still processing the batch. The MessageHandler is then surprised by missing envelopes.

MessageHandler refuses to sign PDF files

If MessageHandler fails to sign PDF files and logs a FATAL error like this in message-handler.log 

Code Block
2016-03-01 13:38:30.881 [FATAL] DefaultQuartzScheduler_Worker-6 SenderSessionImpl Not able to sign PDFs. Ex when signing: Cannot open certificate. Is the password correct?, Signing Outbox: signingoutbox
ch.admin.suis.msghandler.sender.SenderJob.execute(SenderJob.java:73)signer.SignerException: Ex when signing: Cannot open certificate. Is the password correct?, Signing Outbox: signingoutbox
	at org.quartz.core.JobRunShell.run(JobRunShellch.admin.suis.msghandler.signer.Signer.sign(Signer.java:202159)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPoolch.admin.suis.msghandler.signer.Signer.sign(Signer.java:52996)
Caused by:	at ch.admin.suis.batchsigner.BatchException: Cannot open certificate. Is the password correct?.msghandler.sender.SenderSessionImpl.handleSigning(SenderSessionImpl.java:282)
	at ch.admin.suis.msghandler.batchsignersender.BatchRunnerBuilderSenderSessionImpl.getPKCS12KeystorecreateMessages(BatchRunnerBuilderSenderSessionImpl.java:567108)
	at ch.admin.suis.msghandler.batchsignersender.BatchRunnerBuilderSender.buildPdfSignerexecute(BatchRunnerBuilderSender.java:43463)
	at ch.admin.suis.msghandler.batchsignersender.BatchRunnerBuilderSenderJob.buildMinimalexecute(BatchRunnerBuilderSenderJob.java:21173)
	at ch.admin.suis.msghandler.signer.Signer.sign(Signer.java:143)
	... 7 moreorg.quartz.core.JobRunShell.run(JobRunShell.java:202)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:529)
Caused by: javach.io.IOException: exception decrypting data - java.security.InvalidKeyException: Illegal key size
	at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.cryptData(Unknown Source)admin.suis.batchsigner.BatchException: Cannot open certificate. Is the password correct?
	at orgch.bouncycastleadmin.jcesuis.providerbatchsigner.JDKPKCS12KeyStoreBatchRunnerBuilder.engineLoad(Unknown SourcegetPKCS12Keystore(BatchRunnerBuilder.java:567)
	at java.security.KeyStore.load(Unknown Sourcech.admin.suis.batchsigner.BatchRunnerBuilder.buildPdfSigner(BatchRunnerBuilder.java:434)
	at ch.admin.suis.securitybatchsigner.tools.keystore.SignerKeystorePKCS12.<init>(SignerKeystorePKCS12BatchRunnerBuilder.buildMinimal(BatchRunnerBuilder.java:103211)
	at ch.admin.suis.msghandler.batchsignersigner.BatchRunnerBuilderSigner.getPKCS12Keystoresign(BatchRunnerBuilderSigner.java:563143)
	... 10 more

Reason: your Java installation does not have the Unlimited Strength Jurisdiction Policy Files installed. 

Mehrere Instanzen auf einer einzigen Windows Maschine

(warning) Generell empfehlen wir, pro Maschine nur eine sedex Client und MessageHandler Instanz zu installieren. 

Wenn Sie auf einer einzigen Windows Maschine mehrere Instanzen des MessageHandlers betreiben wollen, gehen Sie wie folgt vor:

...

7 more
Caused by: java.io.IOException: exception decrypting data - java.security.InvalidKeyException: Illegal key size
	at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.cryptData(Unknown Source)
	at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.engineLoad(Unknown Source)
	at java.security.KeyStore.load(Unknown Source)
	at ch.admin.suis.security.tools.keystore.SignerKeystorePKCS12.<init>(SignerKeystorePKCS12.java:103)
	at ch.admin.suis.batchsigner.BatchRunnerBuilder.getPKCS12Keystore(BatchRunnerBuilder.java:563)
	... 10 more

Reason: your Java installation does not have the Unlimited Strength Jurisdiction Policy Files installed.