I have an AS/400 instance, which has a server certificate, issued by a root CA (so, 2 certificates in the chain).
I imported both certificates in 4 keystores:
1) windows keystores, using mmc - certificates - local machine - trusted root
2) java connector server cacerts, on JCS/jvm/lib/security
3) jdk cacerts
4) jre cacerts
also, i added both certs to the CS web console's certficitation tab.
(then restarted both CS and JCS).
Exception shown when I create endpoint is: SSLHandShakeException: pkix path building failed: CertPathBuilderException: Could not build a validated path.
is there some keystore else where I should place the server certificate?
The link to the product documentation on the OS400 certificate can be found at:
How to Secure Your Information (Optional) - CA Identity Management & Governance Connectors - CA Technologies Documentati…
If you continue to have problems you may be best with opening a support case.
Hi all, it was a problem with OS/400 (about user permissions), on IDM side was correct. Thanks!
We saw this issue as well. Imported certificate into C:\Program Files (x86)\CA\Identity Manager\Connector Server\jcs\conf\ssl.keystore and it worked.