000031218 - AAOP - SSL Handshake error occurs when two keystore is used

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031218
Applies ToRSA Product Set: Adaptive Authentication (OnPrem)
RSA Version/Condition: 7.1
Platform: Windows
IssueThe following error occurs in the backoffice.log if the environment uses two keystores.
 
ERROR [[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [] [] [com.rsa.webui.aabo.csradmin.CsrAdminController] - <Can't connect to Web Service>
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
 faultSubcode:
 faultString: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: java.security.cert.CertPathBuilderException: Could not build a validated path.
 faultActor:
 faultNode:
 faultDetail:
    {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: java.security.cert.CertPathBuilderException: Could not build a validated path.
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
CauseYou may encounter SSL handshake errors if you have two keystores configured.
ResolutionAAOP recommends using only one keystore.

Attachments

    Outcomes