RSA Access Manager SSLHandshakeException when using Auth SSL

3 years ago

Originally Published: 2014-01-23

Article Number

000050194

Applies To

RSA Access Manager version 6.2
This issue occurs due to an issue in the JAVA 1.6 or 1.7 crypto libraries when doing certain actions on PKCS 12 keystores. The issue did not occur in earlier versions of RSA Access Manger because we used older library calls. The issue specifically occurs when trying to retrieve objects from a PKCS keystore that contains both trusted certificates and private keys.

Issue

RSA Access Manager SSLHandshakeException when using Auth SSL
Error in dispatcher.log or lserver.log file:

23,1axm-dispatcher,2014-01-09 16:51:27:397 EST,0,Error, , ,{error=javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found description=Error handling client connection from 10.10.10.10/10.10.10.10:33188},10.

Error in dispatcher standard output file when in debug mode:

ClientConnection-21, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)

Resolution

This issue can be avoided by using JKS keystores when using Auth SSL mode.
Alternately you can use separate JKS keystores for the truststore and the keystore files used for Auth SSL.

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles