Symantec IGA

Expand all | Collapse all

CA idm 12.6.7 OS400 Connector over SSL Failed to create new endpoint

Jump to Best Answer
  • 1.  CA idm 12.6.7 OS400 Connector over SSL Failed to create new endpoint

    Posted 07-20-2017 05:25 PM

    Hi all,

     

    I have an AS/400 instance, which has a server certificate, issued by a root CA (so, 2 certificates in the chain).

     

    I imported both certificates in 4 keystores:

    1) windows keystores, using mmc - certificates - local machine - trusted root

    2) java connector server cacerts, on JCS/jvm/lib/security

    3) jdk cacerts

    4) jre cacerts

     

    also, i added both certs to the CS web console's certficitation tab.

    (then restarted both CS and JCS).

     

    Exception shown when I create endpoint is: SSLHandShakeException: pkix path building failed: CertPathBuilderException: Could not build a validated path.

     

    is there some keystore else where I should place the server certificate?



  • 2.  Re: CA idm 12.6.7 OS400 Connector over SSL Failed to create new endpoint
    Best Answer

    Posted 07-21-2017 10:15 AM

    The link to the product documentation on the OS400 certificate can be found at:

    How to Secure Your Information (Optional) - CA Identity Management & Governance Connectors - CA Technologies Documentati… 

     

    If you continue to have problems you may be best with opening a support case.



  • 3.  Re: CA idm 12.6.7 OS400 Connector over SSL Failed to create new endpoint

    Posted 07-27-2017 09:04 AM

    Hi all, it was a problem with OS/400 (about user permissions), on IDM side was correct. Thanks!



  • 4.  Re: CA idm 12.6.7 OS400 Connector over SSL Failed to create new endpoint

    Posted 07-27-2017 04:59 PM

    We saw this issue as well. Imported certificate into C:\Program Files (x86)\CA\Identity Manager\Connector Server\jcs\conf\ssl.keystore and it worked.

     

    Ranga Vinjamuri