안녕하세요.
오늘 로그를 보니 로그인이 정상 처리되는 것으로 확인되는데요.
관련 화면 캡쳐나 에러 메시지 첨부 부탁드립니다.
10월 28, 2021 10:48:36 오전 org.apache.catalina.core.StandardWrapperValve invoke
심각: Servlet.service() for servlet [jsp] in context with path [] threw exception [java.lang.StringIndexOutOfBoundsException: String index out of range: -1] with root cause
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1911)
at org.apache.jsp.inc.memberProc.login_005fkakao_005fproc_jsp.getMapToJsonString(login_005fkakao_005fproc_jsp.java:1218)
at org.apache.jsp.inc.memberProc.login_005fkakao_005fproc_jsp._jspService(login_005fkakao_005fproc_jsp.java:2320)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:744)
10월 28, 2021 10:48:37 오전 org.apache.catalina.core.StandardWrapperValve invoke
심각: Servlet.service() for servlet [jsp] in context with path [] threw exception [java.lang.StringIndexOutOfBoundsException: String index out of range: -1] with root cause
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1911)
at org.apache.jsp.inc.memberProc.login_005fkakao_005fproc_jsp.getMapToJsonString(login_005fkakao_005fproc_jsp.java:1218)
at org.apache.jsp.inc.memberProc.login_005fkakao_005fproc_jsp._jspService(login_005fkakao_005fproc_jsp.java:2320)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:744)
안녕하세요.
아래 공지사항 확인해보시겠어요?
API호출 하는 방식으로 아래 주소 GET방식으로 호출이 되는지 테스트 해보시면 인증서 문제인지 쉽게 확인 가능합니다.
https://test-kapi.kakao.com/test-ca-certificates
이런식으로 넘어오는데 바뀐게 없는 웹쪽에선 응답이 없어 값이 맞는지 문의드립니다.
캡쳐해주신 화면 크롬 익스텐션으로 KOE006에러 확인을 위한 팝업 내용 같은데요.
위에 기재해주신 로그는 Backend 로그이구요.
__
(1) Backend에서 API호출이 안되신다면,
API호출하시는 방식과 동일하게 아래주소를 Get방식으로 호출 테스트 해주세요. OK응답이 온다면 인증서 문제는 아닙니다.
https://test-kapi.kakao.com/test-ca-certificates
(2) Frontend에서 JS SDK로 카카오 로그인하는 것은 인증서 문제와 관계없이 작동됩니다.
어떤 상황이신지 파악할 수 없는데요. 에러를 재현 할 수 있는 URL알려주시겠어요?
https://bravogolf.co.kr/kr/m/member/login.jsp
에서 카카오톡 로그인을 누르면 서버에서 3번째 댓글처럼 에러가 나오는데 정작 login_kakao_proc.jsp 까지는 넘어오지는 않습니다.
function kakaoLogin() {
// 로그인 창을 띄웁니다.
Kakao.Auth.login({
success: function(authObj) {
$.ajax({
url : "/inc/memberProc/login_kakao_proc.jsp",
method : "post",
data : {access_token: authObj.access_token},
dataType : "json",
success : function(result) {
console.log(result);
if(result.result && result.result == "success") {
location.replace("../");
} else {
alert(result.resultMsg);
}
},
error : function(err) {}
});
},
fail: function(err) {
}
});
};
이런식으로 호출하고 있습니다
재현 보니
카카오 로그인 이후 “/inc/memberProc/login_kakao_proc.jsp” 에서 500 에러가 발생하네요.
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
어떤에러인지 먼저 확인해보셔야 할 것 같습니다.
이게 3년 넘게 쓰는 코드인데 어제부터 갑자기 안됩니다.
해당 부분이 고쳐진적도 없고요;;;
최근 애플이 9월 2일 Symantec 계열 루트 인증서 9개를 (macOS/iOS) 루트 저장소에서 삭제한다는 내용을 인증서 발급기관을 통해 전달받아. 인증서교체하게 되었는데요.
갑자기 그렇다면 인증서가 원인일 수 있으니 위에 기재드린 테스트 URL을 카카오 API호출하시는 것과 동일하게 호출해보시고 OK응답이 안온다면
Java: JRE 1.8.0_101 이상, ca-certificates-2015.2.4-65.0.1.el6_6.noarch 이상 버전으로 업데이트하시거나
https://www.digicert.com/kb/digicert-root-certificates.htm
에서 루트 인증서 받으시고 아래 게시물 참고하셔서 설치 부탁드립니다.
해당 루트인증서가 설치가 안되네요
인증서 설치전에 아래 테스트 주소 정상 호출되시는지 확인해보셨을까요?
https://test-kapi.kakao.com/test-ca-certificates어떻게 하는지 몰라 확인중에 있습니다.
10월 28, 2021 4:04:30 오후 org.apache.catalina.core.StandardWrapperValve invoke
심각: Servlet.service() for servlet [jsp] in context with path [] threw exception
java.io.IOException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:467)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:744)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
at org.apache.jsp.inc.memberProc.kakao_005fproc_jsp._jspService(kakao_005fproc_jsp.java:2192)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
… 23 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
… 39 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
… 45 more
우선 한줄한줄 확인 하고 있는데 위와같은 에러로 바뀌었는데 확인 부탁드립니다.
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
https://test-kapi.kakao.com/test-ca-certificates 이 주소를 Get으로 호출했을때 발생한 내용인가요?
아니요 원래 String urlStr = “https://kapi.kakao.com/v2/user/me”;
했을떄 나오는 에러이구요
String urlStr = “https://test-kapi.kakao.com/test-ca-certificates”;
System.out.println(urlStr);
URL kUrl = new URL(urlStr);
HttpURLConnection con = (HttpURLConnection) kUrl.openConnection();
con.setRequestMethod(“GET”); // optional default is GET
con.setRequestProperty(“Content-Type”, “application/x-www-form-urlencoded;charset=utf-8”);
int responseCode = con.getResponseCode();
System.out.println(responseCode);
System.out.println(con.getResponseCode());
같은 부분 위와같이 수정했을때 해당 getResponseCode 코드값은 나오지 않고 에러는 안뜨고 있습니다.
네, 인증서 문제로 보이긴하네요.
루트인증서설치 마무리 하시고 재기동하셔서 확인해보시겠어요?
아까 저부분에서 설치가 안되긴 합니다 아니오로만 나와서요
저게 ssl 인증서와는 상관없는건가요 ?
네. 사이트의 SSL인증서가 아니라 JVM에서 http Request할때 사용할 루트 인증서 설치 작업입니다.
저도 cmd 는 잘 모르기는한데, 검색해보니 아래처럼하네요.
한번 시도해보시겠어요?
이 인증서를 신뢰합니까? [아니오]: 예
인증서가 키 저장소에 추가되었습니다.네 우선 y 누르니깐 되네요 추가 되었습니다. 현재 윈도우에서 톰캣 재실행 하였는데 에러메세지는 안뜨는데 여전히 로그인은 안되고 있습니다. 댓글이 이제 안달아지네요 ㅜ.ㅜ
10월 28, 2021 4:20:33 오후 org.apache.catalina.core.StandardWrapperValve invoke
심각: Servlet.service() for servlet [jsp] in context with path [] threw exception
java.io.IOException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:467)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:744)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
at org.apache.jsp.inc.memberProc.kakao_005fproc_jsp._jspService(kakao_005fproc_jsp.java:2192)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
… 23 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323)
… 39 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
… 45 more
위와같은 에러가 나옵니다.
하나 더 궁금한게 int responseCode = con.getResponseCode(); 이값이 null 오는것 같습니다.
con.getResponseCode();
https://test-kapi.kakao.com/test-ca-certificates 주소도 https://kapi.kakao.com/v2/user/me
이것도 둘다 결과값이 안오는것 같습니다.
아래 절차데로 하니 되네요 ㅜ.ㅜ 도움주셔서 감사합니다.