RSA Access Manager SSLHandshakeException when using Auth SSL
Originally Published: 2014-01-23
Article Number
Applies To
This issue occurs due to an issue in the JAVA 1.6 or 1.7 crypto libraries when doing certain actions on PKCS 12 keystores. The issue did not occur in earlier versions of RSA Access Manger because we used older library calls. The issue specifically occurs when trying to retrieve objects from a PKCS keystore that contains both trusted certificates and private keys.
Issue
Error in dispatcher.log or lserver.log file:
23,1axm-dispatcher,2014-01-09 16:51:27:397 EST,0,Error, , ,{error=javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found description=Error handling client connection from 10.10.10.10/10.10.10.10:33188},10.
Error in dispatcher standard output file when in debug mode:
ClientConnection-21, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
Resolution
Alternately you can use separate JKS keystores for the truststore and the keystore files used for Auth SSL.
Related Articles
Error connecting to a remote AMIS Service via Auth Harness Prime Number of Views Auth Source on login screen changes randomly in SecurID Governance & Lifecycle Number of Views RSA Authentication Manager Auth SDK 8.5 (Java) failed on startup (TLS_DHE_RSA_WITH_AES_256_CBC_SHA) Number of Views 'decrypt error: IV missing' in Java auth API trace log Number of Views AM Auth SDK 8.5 (for Java) troubleshooting -- Invalid config file Invalid bootstrap data Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
