000034000 - SSL Certificate Renewal - Alpha Authentify for RSA Adaptive Authentication (on Premise) 7.1

Document created by RSA Customer Support Employee on Sep 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000034000
Applies ToRSA Product Set: Adaptive Authentication (OnPrem)
RSA Version/Condition: 7.x
 
IssueSMS and Phone Call Authentication methods that connect thorough Authentify (https://alpha.authentify.com/s2s/default.asp) are not working in STAGE environment. 
Logs shows the below information. 
 
2016-09-08 12:23:59,301 ERROR [pool-28758-thread-1] [d436:8ba20e8e651:fc8fc1b7||1473374026315]
[e436:8ba20e8e651:fc8fc1b7_TRX] [com.rsa.csd.oobsms.acsp.OOBSMSAuthentifyChallengeRequestHandler] -
<Error occured while sending request to channel: com.ibm.jsse2.util.j: PKIX path building failed:
java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: 
java.security.cert.CertPathValidatorException:
The certificate issued by CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US is not trusted;
internal cause is: 
java.security.cert.CertPathValidatorException: Certificate chaining error> 
org.apache.axis2.AxisFault: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException:
PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: 
java.security.cert.CertPathValidatorException: The certificate issued by
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US is not trusted; internal cause is: 
java.security.cert.CertPathValidatorException: Certificate chaining error

 
ResolutionYes Authentify performed scheduled maintenance to replace the SSL Certificates in the Alpha environment

URLs:
https://alpha.authentify.com/s2s/default.asp (209.117.189.205) – for session requests, 1 way SSL
https://a1.authentify.com/s2s/default.asp (209.117.189.203) – for polling
 
https://certs2s.alpha.authentify.com/default.asp (209.117.189.234) – session request, 2 way SSL
https://certs2s.a1.authentify.com/s2s/default.asp (209.117.189.235) – for polling
Customer needs to download the new certificate from https://alpha.authentify.com/s2s/default.asp and replace it to jks trust store

NotesAuthentify Notification is as below
 
TEST SYSTEMS MAINTENANCE NOTIFICATION
Category: Planned Maintenance
   Product: SSL CERTIFICATE RENEWAL - ALPHA

    
    
   Reason for Notification:
    
   Authentify will be performing scheduled maintenance to replace the SSL Certificates in the Alpha environment.
    
    
   URLs:
   https://alpha.authentify.com/s2s/default.asp (209.117.189.205) – for session requests, 1 way SSL
   https://a1.authentify.com/s2s/default.asp (209.117.189.203) – for polling
    
   https://certs2s.alpha.authentify.com/default.asp (209.117.189.234) – session request, 2 way SSL
   https://certs2s.a1.authentify.com/s2s/default.asp (209.117.189.235) – for polling

    
    
   Note: Customers who have policies requiring testing in Imp (Dev) environment before testing against Alpha (UAT) should note that mutual authentication is not enabled in the Imp (Dev) environment.
    
   Customers that require a copy of the new public certificate must send a request to support@authentify.com with the Subject Line: Public Cert request. In your request, please indicate for which environment you require a public certificate.
  
   Customer Impact:

    
   There is no expected downtime for this maintenance.
    
    
   Note:  
    
   While the Alpha environment will remain online and available, customers may experience intermittent connectivity during the maintenance window. For best results, please wait until the maintenance window is over before resuming test activities.
    
  
   Please note that all times are Central Time.
    
   Expected start time:  Thursday, September 1, 16:00 US Chicago (21:00 UTC)
   Expected end time:   Thursday, September 1, 17:00 US Chicago (22:00 UTC)
We appreciate your understanding during this maintenance.
  
   Authentify Support

    

Attachments

    Outcomes