Respected Contributor.. Charlemagne Respected Contributor..
Respected Contributor..
216 views

Manage Tomcat operation target certificate cannot be validated

Jump to solution

Hi,

I'm new to HPOO and I am trying to make the Tomcat Application flow from the Middleware 1.3.0 pack working and I am stubbling upon a certificate problem.

I found nowhere in the operation to specify a keystore with the certification authorities needed to validate the certificate nor the addition of these authorities to the file client.truststore as well as the target certificates themselves change anything to this situation.

I must specify I am trying to run this from the HPOO Studio itself and not from the central, so far, only the HPOO studio is involved.

The wellknown java error message is:
{resultText=GENERAL_ERROR;exception=javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)

(...)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)

(...)

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)

(...)

 

Where am I supposed to store the trusted certificate authorities certificates?

TIA

Labels (1)
0 Likes
1 Solution

Accepted Solutions
Respected Contributor.. Charlemagne Respected Contributor..
Respected Contributor..

Re: Manage Tomcat operation target certificate cannot be validated

Jump to solution

Thanks, I will try the user's path since I already tried in the client.trustore in the var/security subdirectory from where studio is installed as stated in my original post.

 

EDIT: The addition of the authorities in the C:\Users\username\.oo\client.truststore did the trick. So, I must conclude from this behavior the user running OO on the Central and RAS must have its keystore setup accordingly for this to work.

0 Likes
2 Replies
Josue_G_OO Respected Contributor.
Respected Contributor.

Re: Manage Tomcat operation target certificate cannot be validated

Jump to solution

Hi,

You are right, there are no inputs to specify the keystore etc, in that case try to import the cert into the studio client.truststore

C:\Users\<YourUser>\.oo <client.truststore>

C:\Program Files\Hewlett Packard Enterprise\HPE Operations Orchestration\studio\var\security  <client.truststore>

 

Regards, 

Thank You.

Josue Gómez
Customer Support Engineer

If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a KUDOS by clicking on the STAR at the bottom left of the post and show your appreciation.
0 Likes
Respected Contributor.. Charlemagne Respected Contributor..
Respected Contributor..

Re: Manage Tomcat operation target certificate cannot be validated

Jump to solution

Thanks, I will try the user's path since I already tried in the client.trustore in the var/security subdirectory from where studio is installed as stated in my original post.

 

EDIT: The addition of the authorities in the C:\Users\username\.oo\client.truststore did the trick. So, I must conclude from this behavior the user running OO on the Central and RAS must have its keystore setup accordingly for this to work.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.