Skip to Content
author's profile photo Stefan Schmid
0
Stefan Schmid

AS Java HTTPs Error opening socket: javax.net.ssl.SSLHandshakeException

Posted on Jun 15, 2016 at 11:10 AM 236 Views

In order to encrypt the communication between IDM and AS Java during the Initial load or any other jobs, you may want to use HTTPs instead of HTTP for a JAVA server. However, if you choose the https protocol, you may get an error in Initial Load job. Error message looks like this

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


CERT have been imported -> jre/lib/security


someone has similar problems ?


many many thanks

Stefan

screen1.png (45.5 kB)
Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Best Answer
    author's profile photo Stefan Schmid
    Stefan Schmid
    Posted on Jun 29, 2016 at 05:46 AM
    3

    solution http://scn.sap.com/community/idm/blog/2014/06/20/as-java-initial-load-with-https 1) JRM Directories on the server /usr/sap/SID/sapjvm_6/jre/lib/security 2) Check Show which cacerts store certificates keytool -list -keystore cacerts You will be prompted to enter the password for the store. The default password is changeit http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html 3) Export certificate from the browser's Java system 4) Import the certificate with the help of the following command keytool -keystore cacerts -importcert -alias SID -file SID.cer 5) follow-up keytool -list -keystore cacerts best regards Stefan

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Jannis Rondorf
    Jannis Rondorf
    Posted on Jun 15, 2016 at 02:40 PM
    0

    You have to import the ssl certificate of the remote server into the JRE of the IdM runtime.

    Add a comment
    10|10000 characters needed characters exceeded

    • Jannis Rondorf Stefan Schmid
      Jun 16, 2016 at 08:23 AM

      OK, once again.

      1. You want to connect to an AS Java Server via SSL.

      2. You have to download SSL the certificates from AS Java via NWA.

      3. You have to import these certificates via the java keytool command line program into the keystore (file) of the Java Runtime (JRE) the IdM runtime is using. The certificates are stored inside this JRE keystore file.

    Comment on This Answer

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.