Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.

Who Me Too'd this topic

Who Me Too'd this topic

RandyR Valued Contributor.
Valued Contributor.
565 views

Intermediate Certificate causes "peer not authenticated" on Integration Activities in IDM 4.7

Greetings -

With IDM UA 4.7.2 on SLES 12 SP3, I am trying to use a wildcard DigiCert (tomcat.ks), and cannot run any of the Integration Activity PRDs that I created.  All other functionality seems to work OK.  Log snip it at the end of post.  I then created a certificate from the eDir CA and put it in place (No intermediate in chain).  Now it works.  I then created a certificate from our Active Directory CA, which has an intermediate certificate in the chain, and i get the same error as the DigiCert certificate.

I can reproduce this by switching the UA Application SSL certificate.  Anybody else experience this? Is this a bug? 

Here is where I imported the certificates:

UA Server

/opt/netiq/idm/apps/tomcat/conf/tomcat.ks - pfx files (DigiCert, EDir, and AD) (private key and chain) Password for the store and private key are the same.

/opt/netiq/common/jre/lib/security/cacerts - DigiCert Root and Intermediate, eDir Root, AD Root and Intermediate.

UA Driver eDir Server

/opt/novell/eDirectory/lib64/nds-modules/jre/lib/security/cacerts - DigiCert Root and Intermediate, eDir Root, AD Root and Intermediate.

After certs were imported and then the  UA and eDir were restarted.

Thanks,

*************************************************************************************

2019-07-09 13:09:15,387 DEBUG [com.novell.soa.af.impl.activity.IntegrationActivity] (RBPM pool-1-workflow engine-ND-thread-7) [RBPM] Input:
java.lang.ClassNotFoundException : com.sssw.b2b.ee.jms.rt.GNVJMSXObjectFactory
java.lang.ClassNotFoundException : com.sssw.b2b.ee.jms.rt.GNVJMSServiceXObjectFactory

These seem to be normal errors?

Errors encountered while loading factories:
Enabler status errors:
Enabler: 3270; Error: Current License Version is 60 but version 52 is required
Enabler: 3270logon; Error: Current License Version is 60 but version 52 is required
Enabler: 5250; Error: Current License Version is 60 but version 52 is required
Enabler: 5250logon; Error: Current License Version is 60 but version 52 is required
Enabler: CICSRPC; Error: Current License Version is 60 but version 52 is required
Enabler: EDI; Error: Current License Version is 60 but version 52 is required
Enabler: HTML; Error: Current License Version is 60 but version 52 is required
Enabler: JMS; Error: Cannot get build for: com.sssw.b2b.ee.jms.rt.GNVJMSXObjectFactory
Enabler: JMSService; Error: Cannot get build for: com.sssw.b2b.ee.jms.rt.GNVJMSServiceXObjectFactory
Enabler: PROCESS; Error: Current License Version is 60 but version 52 is required
Enabler: TELNET; Error: Current License Version is 60 but version 52 is required
Enabler: Telnetlogon; Error: Current License Version is 60 but version 52 is required

"
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:450)
at com.sssw.b2b.ee.httpclient.HTTPConnection.sendRequest(HTTPConnection.java:2967)
at com.sssw.b2b.ee.httpclient.HTTPConnection.handleRequest(HTTPConnection.java:2812)
at com.sssw.b2b.ee.httpclient.HTTPConnection.setupRequest(HTTPConnection.java:2626)
at com.sssw.b2b.ee.httpclient.HTTPConnection.Post(HTTPConnection.java:1224)
at com.sssw.b2b.ee.httpclient.HTTPConnection.Post(HTTPConnection.java:1200)
at com.sssw.b2b.rt.util.GNVURLReadWrite.httpPutOrPost(GNVURLReadWrite.java:457)
at com.sssw.b2b.rt.util.GNVURLReadWrite.httpPost(GNVURLReadWrite.java:405)
at com.sssw.b2b.rt.util.GNVURLReadWrite.putOrPostURL(GNVURLReadWrite.java:761)
at com.sssw.b2b.rt.util.GNVURLReadWrite.postURL(GNVURLReadWrite.java:734)
at com.sssw.b2b.rt.action.GNVDocIOAction.evaluateXMLAction(GNVDocIOAction.java:539)
at com.sssw.b2b.rt.action.GNVDocIOAction.apply(GNVDocIOAction.java:448)
at com.sssw.b2b.rt.action.GNVActionList.apply(GNVActionList.java:209)
at com.sssw.b2b.rt.action.GNVTryAction.apply(GNVTryAction.java:324)
at com.sssw.b2b.rt.action.GNVActionList.apply(GNVActionList.java:209)
at com.sssw.b2b.rt.action.GNVActionModel.apply(GNVActionModel.java:177)
at com.sssw.b2b.rt.GNVActionComponent.execute(GNVActionComponent.java:439)
at com.sssw.b2b.rt.service.GNVServiceComponent.execute(GNVServiceComponent.java:186)
at com.novell.soa.af.impl.activity.IntegrationActivity.executeComponent(IntegrationActivity.java:668)
at com.novell.soa.af.impl.activity.IntegrationActivity.execute(IntegrationActivity.java:482)
at com.novell.soa.af.impl.activity.IntegrationActivity.process(IntegrationActivity.java:311)
at com.novell.soa.af.impl.activity.ActivityNode.notifyArrive(ActivityNode.java:231)
at com.novell.soa.af.impl.activity.IntegrationActivity.notifyArrive(IntegrationActivity.java:277)
at com.novell.soa.af.impl.core.ProcessImpl.startActivity(ProcessImpl.java:1740)
at com.novell.soa.af.impl.core.ProcessImpl.forward(ProcessImpl.java:1637)
at com.novell.soa.af.impl.activity.ActivityNode.forward(ActivityNode.java:290)
at com.novell.soa.af.impl.activity.ActivityNode.forward(ActivityNode.java:265)
at com.novell.soa.af.impl.activity.StartActivity.process(StartActivity.java:94)
at com.novell.soa.af.impl.activity.ActivityNode.notifyArrive(ActivityNode.java:231)
at com.novell.soa.af.impl.activity.RunnableActivity.run(RunnableActivity.java:50)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
++++++ Tue Jul 09 13:09:16 CDT 2019 USER LOG FROM GEN_V1_GLWF_UserApplication_Assign Role_Activity
------ com.sssw.b2b.rt.GNVException: rt001801:Document I/O error: peer not authenticated;
---> nested javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Labels (1)
0 Likes
Who Me Too'd this topic
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.