Skip to Content
author's profile photo Former Member
0
Former Member
Jun 23, 2016 at 08:31 AM

Facing certificate error in https URL in SMP 3.0 SP08

57 Views

Hi All,

We are facing the https certificate problem in accessing one of our URLs, which was working earlier properly. We are having the certificate now also in SMP Key store, but still we are getting this error. From the server machine we are able to access the url properly in browsers, so there is no problem in accessing the URL. What will be the reason for this issue. Please find the server logs.

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)

at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)

at sun.security.validator.Validator.validate(Validator.java:260)

at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)

at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)

at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:107)

at com.sap.esb.security.impl.delegates.X509TrustManagerDelegate.checkServerTrusted(X509TrustManagerDelegate.java:48)

at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:885)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)

... 593 common frames omitted

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)

at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)

at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)


Things which we have did already,

1.Directly from SMP Cockpit removing the existing certificate and try to import the new one.

-We are able to remove the certificate and got successful message.

-Importing the new certificate, getting an error says will not be able to import the certificate. It gives following error.

Import Failure: 500

Service Exception occured during import X509 certificate:

!IMPORT_X509_CERTIFICATE_FAIL: ![]Save keystore fail

2. So after removing the certificates, we have restarted the server and try to import new certificate, but surprisingly we still have the older certificate


None of the above steps was successful.

Please help us in solving this issue.

-Dinesh C R