In order to encrypt the communication between IDM and AS Java during the Initial load or any other jobs, you may want to use HTTPs instead of HTTP for a JAVA server. However, if you choose the https protocol, you may get an error in Initial Load job. Error message looks like this
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
CERT have been imported -> jre/lib/security
someone has similar problems ?
many many thanks
Stefan
solution http://scn.sap.com/community/idm/blog/2014/06/20/as-java-initial-load-with-https 1) JRM Directories on the server /usr/sap/SID/sapjvm_6/jre/lib/security 2) Check Show which cacerts store certificates keytool -list -keystore cacerts You will be prompted to enter the password for the store. The default password is changeit http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html 3) Export certificate from the browser's Java system 4) Import the certificate with the help of the following command keytool -keystore cacerts -importcert -alias SID -file SID.cer 5) follow-up keytool -list -keystore cacerts best regards Stefan
You have to import the ssl certificate of the remote server into the JRE of the IdM runtime.
Add a comment