how to change the order of certificate chain

Hi, All:

I’m using webMethods 6.1.
Recently I am working with webSphere partner to do a RN EDI. I’m sender, and he is receiver. Cerificates of Both He and I are 3 layer architecture.

Present case is that I was sending external documents (Pips) to his URL running ok,and I can get the ‘200’ response code. But he can not send acks to us. He showed me the error from his log was “out of order certificate”. He hoped I can correct the configuration of certificate order in my site. His mail detail is below.

[I][COLOR=“DarkRed”]Hi Kevin,

We discussed this again with the WAS support team at IBM who confirmed that while a non-WebSphere partner might have a looser implementation of the rules and work by not verifying what is being sent after the leaf certificate, the IBM JDK rules are stricter, and requires a valid chain to accept it.

In your case the logs show that the root certificate is presented after the leaf, which causes our JDK to issue the error.
A permanent solution to get this server to work with our JDK, is to correct the https server configuration to present the certificates in the correct sequence.



Please help me how to change the order of certificate in TN console or other place ??

We received other partners are all ok but him. I already checked my config as same as others.

So for this case, what should I do as other special methods ?

Thanks all, pls help me. ~