"processed/error: authentication-failed" EDIINT document

Hi All,

We have an ongoing production issue in the production, Please help me .
Please find the details of below.

Webmethods version:9.5
Core Fix: IS_9.5_SP1_Core_Fix5
TN Fix: TNS_9.5_SP1_Fix4
Document Type: EDIINT
Certificate type: Self signged

Whenever we receive a request from partner ( Http), it invokes routing rule EDIINT Process Message which internally calls the service wm.EDIINT.rules:processMsg. While invoking wm.EDIINT.rules:processMsg service it validates the security with service wm.EDIINT.util:getSecurity.
While validating if the certificate is null (due to any issue) it throws an error “authentication failed”.

We manually executed the service with production certificate details and it is failing when we pass partner certificate and throws below error.

com.wm.app.b2b.server.ServiceException: Error encountered in wm.tn.security:getSigningKeyAndChain.
Private key not defined. Please call wm.tn.security:getVerifyingChain. com.wm.app.tn.err.EXMLException com.wm.app.tn.err.EXMLException: at wm.tn.security.getSigningKeyAndChain

In the MWS we could see the file with the User Startus as ProcessMsg:ERROR and during the encrypt and decrypt its failing with the message as “processed/error: authentication-failed”.

The same certificate we are using in the lower environments its working fine without any issues. Could someone please help me on this.
Thanks in advance.

I believe your TP is sending the Cert chain not in expected order or it’s not matching the cert that you have in your Receiver profile and best bet is troubleshoot having both partner and your team to clear this kind of TN authentication error.

HTH,
RMG

Hi RMG,

Thank you so much for the reply.
The cert which is configured on our side is provided by TP only and more over the same cert is used is used in lower environments, and its working fine without any issues. All the environments are having the same kind of setup. As you said , it could be the cert mismatch… but the sender claims its configured fine at their end. Do we have any way to cross verify whether the sender has configured the certs properly or not . please suggest.

//Hari

Hi Hari,
Did you load the partner’s cert to the Truststore and clear the SSL cache? I’m not familiar with version 9.5 and, perhaps, this is not required in your scenario at the version, but mentioning just in case.
Regards,
Mary

@ Mary

Yes, We have loaded the cert to truststore and cleared the cache too… The strange thing here is the same cert is working fine in lower environment and when it comes to prod , its not working.

Regards
Hari

Hello Hari,

There can be many reasons for the error.

Firstly please cross verify if sender id and receiver id is properly configuration in your production environment and partner is sending the correct values for them.

Then try increasing the logging level of server and see what error you are getting and act accordingly.

Regards,
Syed Faraz Ahmed

The error message is pretty clear:
Private key not defined. Please call wm.tn.security:getVerifyingChain.</…

Check your sender’s TN profile, check if the private key is defined there.