000015709 - AM7.1 SDK: Destination unreachable; nested exception is: javax.net.ssl.SSLKeyException

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000015709
Applies ToAuthentication Manager 7.1
SDK
API
Customer Support Training module, CSTM videos on Cert replacement and other topics, copy and paste this link into your browser URL
https://knowledge.rsasecurity.com/scolcms/set.aspx?id=9488
IssueError 500: Command target (CacheableCommandTargetBasicAuth) initialization failure javax.naming.CommunicationException [Root exception is java.net.ConnectException: t3s://metis.csau.ap.rsa.net:7002: Destination unreachable; nested exception is: javax.net.ssl.SSLKeyException:
[15/07/08 15:09:00:779 EST] 00000031 ServletWrappe E   SRVE0068E: Uncaught exception thrown in one of the service methods of the servlet: authservlet. Exception thrown : com.rsa.common.SystemException: Command target (CacheableCommandTargetBasicAuth) initialization failure
        javax.naming.CommunicationException [Root exception is java.net.ConnectException: t3s://metis.csau.ap.rsa.net:7002: Destination unreachable; nested exception is:
        javax.net.ssl.SSLKeyException: [Security:090542]Certificate chain received from metis.csau.ap.rsa.net - 192.168.51.203 was not trusted causing SSL handshake failure.
CauseThe RSA Authentication manager API make connections to the server over SSL, this means you need to have made the appropriate configuration in your application JRE or application server (such as WebSphere) to ensure that you have a copy of the root certificate to validate the SSL connection.
Resolution

Full details about how to configure the SSL connections are in the the main SDK documentation, in this example we have 'Error 500' reported back from a WebSphere server running an application using the SDK, here you should use the standard IBM WebSphere administration system to add the RSA Authentication Manager root certificate to the WebSphere trusted root store.

For full details on how to use the SDK see the full documentation available with the SDK at http://edelivery.rsasecurity.com/dlm/securid/server/71sp3/am-7.1-sp3-sdk.zip or https://knowledge.rsasecurity.com/docs/rsa_securid/rsa_auth_mgr/71/am7.1_sdk.zip for the older version of the SDK

See also:

     a41106     log4j:WARN Please initialize the log4j system properly.
     a41108     org.springframework.beans.factory.BeanInitializationException: Could not load properties

Legacy Article IDa41121

Attachments

    Outcomes