The MATROOS web service from the Dutch Rijkswaterstaat changes to a secure SSL connection. That means that the address in the url changes from http://matroos.rws.nl to https://matroos.rws.nl.
This article describes how you can configure FEWS to use the https method. This applies to any import from Matroos, so for importypes like noos_timeseries.
Delft-FEWS is based on JAVA and JAVA does not have by default the PKI Overheid certificate in it's distribution. Unlike popular browsers like Firefox, Chrome or IE. Therefore the PKI Overheid certificate should be made known to JAVA using the below approach.
Be aware: in May 2018, the Matroos server required the StaatDerNederlanden-Root-GA3 certificate, while LMW-SIP and AQUALARM required the StaatDerNederlanden-Root-GA2 certificate.
Add the steps involved:
MC Proxy Configuration
On a FSS the client truststore should be configured in the fews.master.mcproxy.conf explicitly by passing the -Djavax.net.ssl.trustStore parameter in the jvm section of the master.conf. An example configuration looks as follows:
<jvm path="D:\fews\jre-8u73\bin\java"> <arg id="0" value="-Xmx1536M"/> <arg id="1" value="-Djava.library.path=D:/fews/fss/nlknmc00/FSS00/FewsShell/bin"/> <arg id="2" value="-Djava.awt.headless=true"/> <arg id="3" value="-Djavax.net.ssl.trustStore=D:\fews\fss\truststores\rws.truststore"/> </jvm> |
See also the general information on the generation of client truststores at
Here is described how you can generate your own client truststore file, for example using a private password.