Highlighted
Knowledge Partner
Knowledge Partner
217 views

Breach check not working in 4.5

Hi

I'm testing the breach check function in 4.5 and it is not working for me due to that SSPR can't verify the certificate of the breach service I guess:

This is when I'm trying to change my password:

2020-04-07T17:18:11Z, WARN , util.PwmPasswordRuleValidator, Problem while connecting to external breach database sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

 

Which certificates do I need to import?

To the JDK/JRE cacerts keystore or somewhere else?

 

Thanks

Labels (1)
Tags (1)
0 Likes
4 Replies
Highlighted
Community Manager Community Manager
Community Manager

Re: Breach check not working in 4.5

Hello - I got in touch with internal team and was told as follows:

Can you please let us know what software and version you are using? The SSPR product doesn’t have anything called breach so we assume you are referencing some security software that is attempting to perform some type of security breach. SSPR is just an application that runs on top of Tomcat. Maybe the issue is not really with SSPR but with Tomcat? Please provide some additional details.

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Breach check not working in 4.5

Hi,

No - I'm talking about the breach database check in SSPR. That is what the setting is called anyway.

From the SSPR 4.5 release notes:

 

Provision to Enable Breach Database Check

Self Service Password Reset introduces Enable Breach Database Check to generate unique and secure passwords that are passed through the breach check to ensure that it is not a compromised password.

 

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Breach check not working in 4.5

And this is from the SSPR log file, which itself refers to "breach":

 

2020-04-07T17:18:11Z, WARN , util.PwmPasswordRuleValidator, Problem while connecting to external breach database sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

0 Likes
Highlighted
Regular Contributor.
Regular Contributor.

Re: Breach check not working in 4.5

Same error if REST used for external password validation check in this version.

 

2020-05-12T13:51:55Z, FATAL, servlet.AbstractPwmServlet, {125,xxxxx} unexpected error: 5015 ERROR_INTERNAL (http response error while executing external rest call, error: 5057 ERROR_SERVICE_UNREACHABLE (error while making http request: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)) [xxxxxx]
2020-05-12T13:51:55Z, ERROR, util.PwmPasswordRuleValidator, error executing external rule REST call: 5015 ERROR_INTERNAL (http response error while executing external rest call, error: 5057 ERROR_SERVICE_UNREACHABLE (error while making http request: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target))

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.