Discussions
Categories
- 17.9K All Categories
- 3.4K Industry Applications
- 3.3K Intelligent Advisor
- 62 Insurance
- 536K On-Premises Infrastructure
- 138.2K Analytics Software
- 38.6K Application Development Software
- 5.7K Cloud Platform
- 109.4K Database Software
- 17.5K Enterprise Manager
- 8.8K Hardware
- 71.1K Infrastructure Software
- 105.2K Integration
- 41.6K Security Software
unable to find valid certification path to requested target

Hi,
I'm testing a few composites where the external partner uses ssl. The certificates work on the test environment but on prod they generate failing/on recovery instances. See below error.
NB: The setup on prod and test in the same
oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://integrations.kra.go.ke:443/ws" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Unable to invoke endpoint URI "https://integrations.kra.go.ke:443/ws" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Also strange that after adding a certificate using below command
keytool -import -trustcacerts -alias krakey -file /export/home/applprod/IntegrationsRootCert.cer -keystore /usr/jdk/instances/jdk1.8.0/jre/lib/security/cacerts
I was still able to add the same certificate using the enterprise manager console and there was no conflict.
Weblogic Domain>Security>Keystore>trust>Manage>import certificate.
Jks location is /usr/jdk/instances/jdk1.8.0/jre/lib/security/cacerts
How can I resolve this issue?
Your assistance is highly appreciated.
Answers
-
Hi,
Check the "Keystores" tab configuration for the SOA managed server... Navigate to <domain> --> Environment --> Servers --> click on the soa managed server --> Keystores tab
The configuration of prod and test might be different on there...
Cheers,
Vlad
-
Hi Vladivoas,
External partner made changes to ssl which cleared the error. Made no config changes to the soa environment.
Thank you