Trading networks AS2 SunCertPathBuilderException: unable to find valid certification path

, ,
#1

Greetings, I have tried to send a file via TN using AS2(HTTPS),
I have set my trading partner with Sign/Verify certificate, Encrypt/Decrypt certificate(it’s the same certificate and it is self-signed) and configured routes. I have added this certificate to truststore and I restarted IS.

However when trying to send the document I get the following error:

Delivery Failed: java.io.IOException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

My question - do I have to set some SSL certificate in Partner Profile as well? Should it be SSL web server certificate(or its chain)?. I am able to telnet to target host and port from IS machine, so I guess setting SSL certificate is not required in Partner Profile?
Or should I set SSL web server certificate for HTTPS in keystore?

#2

To add more info - while testing a flow which sends it using given receiver ID I am getting following error:

Error encountered in wm.tn.security:getSigningKeyAndChain. Private key not defined. Please call wm.tn.security:getVerifyingChain.

wm.tn.security:getVerifyingChain service suggested in error returns a chain (containing a single self signed certificate which I mentioned).

I tried both PEM and DER self signed certificate in truststore, same result

#3

Hi Tom,

In case you have resolved the issue, could you please explain what did you do?

Also, in case you haven’t then have you followed all the steps like adding the certificate to keystore, refreshing the keystore in IS and installing the certificates in MWS ?

Thanks,
Abhinav

#4

Hi Abhinav,

I have solved the issue, but it’s been a while and I forgot what I did to fix it, since there were many issues with this partner for me, which ended up in having to generate new certificate and keystore from our side.

#5

Good to know that the issue got resolved. In case you recollect the solution please post it here for greater good of all.

Thanks

#6