SSL Certificate Issue with Ephox Textbox.io Editor in IBM Connections 5.5

After I installed the Ephox Textbox.io editor in IBM Connections 5.5 as described here, everything worked perfectly in Firefox and Internet Explorer. However, opening the editor in Google Chrome displayed the following error message: “The spelling service was not found: (https://server.example.com/ephox-spelling/).”

If you look at a Fiddler trace, you see that the request “https://server.example.com/ephox-spelling/1/correction” returns an HTTP 500 error.

The SystemOut.log of the server where Ephox spell checking is deployed shows several error messages complaining about untrusted SSL certificates:

[ironbark-akka.actor.default-dispatcher-34] ERROR s.can.client.HttpClientConnection - Aborting encrypted connection to servername.example.com/xxx.xxx.xxx.xxx:443 due to [SSLHandshakeException:General SSLEngine problem] -> [SSLHandshakeException:General SSLEngine problem] -> [m:PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by CN=*************** is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error] -> [CertPathBuilderException:PKIXCertPathBuilderImpl could not build a valid CertPath.] -> [CertPathValidatorException:The certificate issued by CN=*************** is not trusted] -> [CertPathValidatorException:Certificate chaining error]

.....

[ironbark-akka.actor.default-dispatcher-26] ERROR akka.actor.ActorSystemImpl - Error during processing of request HttpRequest(POST,https://servername.example.com/1/correction,List(Host: servername.example.com, Content-Length: 28, Pragma: no-cache, Cache-Control: no-cache, Origin: https://servername.example.com, User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36, Content-Type: application/json, DNT: 1, Referer: https://servername.example.com/wikis/home?lang=en, Accept-Encoding: gzip, deflate, Accept-Language: en, de;q=0.8, Cookie: LtpaToken2=****************; LtpaToken=***********; ROLE_global-moderator=true; ROLE_metrics-report-run=true; ROLE_admin=false; ROLE_mail-user=true; X-IC-Preload=true; JSESSIONID=**************; BAYEUX_BROWSER=b0e4uvkqur88n75uikp8s53pyxw; org.cometd.reload=******************, Surrogate-Capability: WS-ESI="ESI/1.0+", _WS_HAPRT_WLMVERSION: -1, Expect: 100-Continue),HttpEntity(application/json,{"words":[],"language":"en"}),HTTP/1.1)
spray.can.Http$ConnectionException: Aborted
at spray.can.client.HttpHostConnectionSlot.reportDisconnection(HttpHostConnectionSlot.scala:228) ~[spray-can_2.11-1.3.2.jar:na]
at spray.can.client.HttpHostConnectionSlot$$anonfun$connected$1.applyOrElse(HttpHostConnectionSlot.scala:161) ~[spray-can_2.11-1.3.2.jar:na]
at akka.actor.Actor$class.aroundReceive(Actor.scala:465) ~[akka-actor_2.11-2.3.9.jar:na]
at spray.can.client.HttpHostConnectionSlot.aroundReceive(HttpHostConnectionSlot.scala:33) ~[spray-can_2.11-1.3.2.jar:na]
at akka.actor.ActorCell.receiveMessage(ActorCell.scala:516) [akka-actor_2.11-2.3.9.jar:na]
at akka.actor.ActorCell.invoke(ActorCell.scala:487) [akka-actor_2.11-2.3.9.jar:na]
at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:254) [akka-actor_2.11-2.3.9.jar:na]
at akka.dispatch.Mailbox.run(Mailbox.scala:221) [akka-actor_2.11-2.3.9.jar:na]
at akka.dispatch.Mailbox.exec(Mailbox.scala:231) [akka-actor_2.11-2.3.9.jar:na]
at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) [scala-library-2.11.6.jar:na]
at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.pollAndExecAll(ForkJoinPool.java:1253) [scala-library-2.11.6.jar:na]
at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1346) [scala-library-2.11.6.jar:na]
at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [scala-library-2.11.6.jar:na]
at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [scala-library-2.11.6.jar:na
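
To see which target hosts and issuers are behind these failures in a large SystemOut.log, the following added example (not from the original post) groups the multi-line error entries by host, port and untrusted issuer. The sample log is constructed in the format of the excerpt above; the host name, address and issuer DN are made up, and the entry-start pattern assumes lines begin as they do in that excerpt.

```python
import re
from collections import Counter

# Constructed sample in the format of the excerpt above; host, IP and issuer are made up.
SAMPLE_LOG = """\
[ironbark-akka.actor.default-dispatcher-34] ERROR s.can.client.HttpClientConnection - Aborting encrypted connection to connections.example.com/192.0.2.10:443 due to [SSLHandshakeException:General SSLEngine problem] -> [m:PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by CN=Example Intermediate CA, O=Example is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error]
[ironbark-akka.actor.default-dispatcher-26] ERROR akka.actor.ActorSystemImpl - Error during processing of request HttpRequest(POST,https://connections.example.com/1/correction)
spray.can.Http$ConnectionException: Aborted
[ironbark-akka.actor.default-dispatcher-12] ERROR s.can.client.HttpClientConnection - Aborting encrypted connection to connections.example.com/192.0.2.10:443 due to [SSLHandshakeException:General SSLEngine problem] -> [m:PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by CN=Example Intermediate CA, O=Example is not trusted; internal cause is:
"""

# A new entry starts with "[thread] LEVEL "; everything else is a continuation line.
ENTRY_START = re.compile(r"^\[[^\]]+\] (?:ERROR|WARN|INFO|DEBUG) ")
ABORT = re.compile(r"Aborting encrypted connection to (?P<host>[^/\s]+)/\S+:(?P<port>\d+) "
                   r"due to \[SSLHandshakeException")
ISSUER = re.compile(r"The certificate issued by (?P<issuer>.+?) is not trusted")

def split_entries(text):
    """Group continuation lines (exception causes, stack frames) with their entry."""
    entries, current = [], []
    for line in text.splitlines():
        if ENTRY_START.match(line) and current:
            entries.append("\n".join(current))
            current = []
        current.append(line)
    if current:
        entries.append("\n".join(current))
    return entries

def untrusted_issuers(text):
    """Count (host, port, issuer) for handshakes aborted by PKIX trust failures."""
    hits = Counter()
    for entry in split_entries(text):
        abort = ABORT.search(entry)
        if not abort or "PKIX path building failed" not in entry:
            continue
        issuer = ISSUER.search(entry)
        name = issuer.group("issuer") if issuer else "<issuer not logged>"
        hits[(abort.group("host"), int(abort.group("port")), name)] += 1
    return hits

if __name__ == "__main__":
    for (host, port, issuer), count in untrusted_issuers(SAMPLE_LOG).items():
        print(f"{count}x {host}:{port} untrusted issuer: {issuer}")
```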

Root cause:

The server used SSL certificates for which neither the root nor the intermediate certificate was present in the default Java trust store of the WebSphere Java SDK. I needed to manually add both the root and the intermediate certificate to this trust store (you have probably already added these certificates to the WebSphere Cell Default Truststore, but this is a different trust store!).

To do that, run the following commands on all WebSphere Application Server nodes (adapt the names and paths of your certificate files):

cd /opt/IBM/WebSphere/AppServer/java/jre/lib/security
../../bin/keytool -import -trustcacerts -alias StartSSL_Root -file /opt/INSTALL/SSL/root.crt -keystore cacerts -storepass changeit -noprompt
../../bin/keytool -import -trustcacerts -alias StartSSL_SubClass2Server -file /opt/INSTALL/SSL/sub.class2.server.sha2.ca.crt -keystore cacerts -storepass changeit -noprompt

After you have done that and restarted the WebSphere clusters, your Ephox Textbox.io editor should also work with Google Chrome.
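
Because -noprompt suppresses keytool's interactive confirmation of the certificate, it helps to check each file against a fingerprint obtained from the CA out of band before adding it to the JVM-wide cacerts. The following is an added example, not part of the original post: it computes the SHA-256 fingerprint in the colon-separated form that keytool -printcert displays and only then builds the import command shown above. The function names, the script name and the pinned-fingerprint argument are assumptions, and each file is assumed to hold a single certificate.

```python
import hashlib
import ssl
import subprocess
import sys

def cert_fingerprint(raw: bytes) -> str:
    """SHA-256 over the DER encoding, colon-separated as `keytool -printcert` shows it."""
    if raw.lstrip().startswith(b"-----BEGIN CERTIFICATE-----"):
        # PEM file: strip the armor and base64 to get the DER bytes that are hashed.
        raw = ssl.PEM_cert_to_DER_cert(raw.decode("ascii").strip())
    digest = hashlib.sha256(raw).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def import_command(cert_path, alias, pinned_fp, raw=None,
                   keytool="../../bin/keytool", keystore="cacerts"):
    """Return the keytool argv from the post, or raise if the file is not the pinned cert."""
    if raw is None:
        with open(cert_path, "rb") as fh:
            raw = fh.read()
    actual = cert_fingerprint(raw)
    if actual != pinned_fp.strip().upper():
        raise ValueError(f"{cert_path}: SHA-256 {actual} does not match the pinned fingerprint")
    return [keytool, "-import", "-trustcacerts", "-alias", alias, "-file", cert_path,
            "-keystore", keystore, "-storepass", "changeit", "-noprompt"]

if __name__ == "__main__":
    # Usage (hypothetical script name): pin_import.py CERT_FILE ALIAS PINNED_SHA256
    # Run from .../java/jre/lib/security, as in the commands above.
    if len(sys.argv) != 4:
        sys.exit("usage: pin_import.py CERT_FILE ALIAS PINNED_SHA256")
    try:
        cmd = import_command(sys.argv[1], sys.argv[2], sys.argv[3])
    except ValueError as err:
        sys.exit(f"refusing to import: {err}")
    subprocess.run(cmd, check=True)
```

A file that does not match is never passed to keytool, so a swapped or truncated download fails before the trust store is touched.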