Unable to find a valid certification path to a requested target.
Article ID: KB0085224
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks | - |
| Not Applicable | - |
Description
Description:
In BW 6.x, using Send HTTP Request palette to access Google Calendar API using SSL. The palette is linked to a SSLClientResource. The SSLClientResource is linked to a keystore configuration. The keystore is configured as follows:
key store provider=SUN
type= JKS
BW throws the following error:
<CausedBy> Activity [SendHTTPRequest] fault.
<CausedBy> com.tibco.bw.palette.http.runtime.exceptions.HttpCommunicationException: TIBCO-BW-PALETTE-HTTP-500013: An IOException was thrown while trying to execute the Http method-{ActivityName=SendHTTPRequest, ProcessName=googlecalendarlistenerbw.getGoogleCalendarEventsREST, ModuleName=GoogleCalendarListenerBW.module}
<CausedBy> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Symptoms:
BW throws the following error:
<CausedBy> Activity [SendHTTPRequest] fault.
<CausedBy> com.tibco.bw.palette.http.runtime.exceptions.HttpCommunicationException: TIBCO-BW-PALETTE-HTTP-500013: An IOException was thrown while trying to execute the Http method-{ActivityName=SendHTTPRequest, ProcessName=googlecalendarlistenerbw.getGoogleCalendarEventsREST, ModuleName=GoogleCalendarListenerBW.module}
<CausedBy> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Cause:
certificate chain is not complete
In BW 6.x, using Send HTTP Request palette to access Google Calendar API using SSL. The palette is linked to a SSLClientResource. The SSLClientResource is linked to a keystore configuration. The keystore is configured as follows:
key store provider=SUN
type= JKS
BW throws the following error:
<CausedBy> Activity [SendHTTPRequest] fault.
<CausedBy> com.tibco.bw.palette.http.runtime.exceptions.HttpCommunicationException: TIBCO-BW-PALETTE-HTTP-500013: An IOException was thrown while trying to execute the Http method-{ActivityName=SendHTTPRequest, ProcessName=googlecalendarlistenerbw.getGoogleCalendarEventsREST, ModuleName=GoogleCalendarListenerBW.module}
<CausedBy> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Symptoms:
BW throws the following error:
<CausedBy> Activity [SendHTTPRequest] fault.
<CausedBy> com.tibco.bw.palette.http.runtime.exceptions.HttpCommunicationException: TIBCO-BW-PALETTE-HTTP-500013: An IOException was thrown while trying to execute the Http method-{ActivityName=SendHTTPRequest, ProcessName=googlecalendarlistenerbw.getGoogleCalendarEventsREST, ModuleName=GoogleCalendarListenerBW.module}
<CausedBy> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
<CausedBy> sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Cause:
certificate chain is not complete
Issue/Introduction
Unable to find a valid certification path to a requested target.
Resolution
The error is caused by an incomplete certificate chain in the keystore. To resolve this error, do the following:
- GoogleInternetAuthorityG2
- *.google.com
keytool -importcert -alias GeoTrustGlobalCA -keystore my.jks -file /Users/GeoTrustGlobalCA.pem
keytool -importcert -alias *.google.com -keystore my.jks -file /Users/\*.google.com.pem
Access Google Calendar API in Firefox. Export the three certificates:
- GoogleInternetAuthorityG2
- *.google.com
then import all three into the JKS file.
keytool -importcert -alias GeoTrustGlobalCA -keystore my.jks -file /Users/GeoTrustGlobalCA.pem
keytool -importcert -alias *.google.com -keystore my.jks -file /Users/\*.google.com.pem
Feedback
Yes
No
Powered by
