Skip to Content
Last modified by Erik Bakker on 2024/09/03 13:24
From version 29.2
edited by eMagiz
on 2022/06/13 16:03
Change comment: Update document after refactoring.
To version 30.1
edited by Erik Bakker
on 2022/06/13 16:04
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -rca-knowledgebase-unable-to-find-valid-certification-path
1 +Unable to find valid certification path
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.marijn
1 +XWiki.ebakker
Content
... ... @@ -1,18 +1,10 @@
1 -{{html wiki="true"}}
2 -<div class="ez-academy">
3 - <div class="ez-academy_body">
1 +{{container}}{{container layoutStyle="columns"}}(((
2 += Unable to find valid certification path =
4 4  
5 -<div class="doc">
6 -
7 -= RCA * Unable to find valid certification path =
8 -
9 9  In this document, we will use the information from the actual root cause analysis to make a generic view that can be used if you run into the same or a similar problem in the future. Finally, the document will describe the situation, the problem, the analysis, and the result.
10 10  
11 11  Should you have any questions, please get in touch with academy@emagiz.com.
12 12  
13 -* Last update: March 8th, 2022
14 -* Required reading time: 4 minutes
15 -
16 16  ===== Situation =====
17 17  
18 18  == 3. RCA * Unable to find valid certification path ==
... ... @@ -35,9 +35,9 @@
35 35  
36 36  To analyze the problem, we first looked at the errors within the environment to get a sense of the issue at hand. See below for the errors we saw.
37 37  
38 -<p align="center">[[image:rca-knowledgebase-unable-to-find-valid-certification-path--errors-in-emagiz-part-one.png||]]</p>
30 +[[image:Main.Images.RCA-Knowledgebase.WebHome@rca-knowledgebase-unable-to-find-valid-certification-path--errors-in-emagiz-part-one.png]]
39 39  
40 -<p align="center">[[image:rca-knowledgebase-unable-to-find-valid-certification-path--errors-in-emagiz-part-two.png||]]</p>
32 +[[image:Main.Images.RCA-Knowledgebase.WebHome@rca-knowledgebase-unable-to-find-valid-certification-path--errors-in-emagiz-part-two.png]]
41 41  
42 42  ==== 3.3.2 Call endpoint in Postman with SSL verification on ====
43 43  
... ... @@ -44,17 +44,17 @@
44 44  Secondly, we navigated to the endpoint via the browser to determine the certificate chain of the external party. Once we had established the certificate chain, we tested the connection via Postman.
45 45  When calling the external application with SSL verification turned on but no Certificates configured, we get the below error. This indicates that Postman does not trust the external party enough to establish a proper connection.
46 46  
47 -<p align="center">[[image:rca-knowledgebase-unable-to-find-valid-certification-path--postman-ssl-verification-on.png||]]</p>
39 +[[image:Main.Images.RCA-Knowledgebase.WebHome@rca-knowledgebase-unable-to-find-valid-certification-path--postman-ssl-verification-on.png]]
48 48  
49 49  The call works again when we add the intermediate certificate to the list of trusted certificates.
50 50  
51 -<p align="center">[[image:rca-knowledgebase-unable-to-find-valid-certification-path--postman-ssl-verification-on-configured-cert.png||]]</p>
43 +[[image:Main.Images.RCA-Knowledgebase.WebHome@rca-knowledgebase-unable-to-find-valid-certification-path--postman-ssl-verification-on-configured-cert.png]]
52 52  
53 53  ==== 3.3.3 Truststore configuration and configuration in eMagiz ====
54 54  
55 55  With these results, we have added the intermediate and the CA certificate to a custom truststore for the external party and linked the truststore to the HTTP outbound gateway.
56 56  
57 -<p align="center">[[image:rca-knowledgebase-unable-to-find-valid-certification-path--truststore-config-and-emagiz-config.png||]]</p>
49 +[[image:Main.Images.RCA-Knowledgebase.WebHome@rca-knowledgebase-unable-to-find-valid-certification-path--truststore-config-and-emagiz-config.png]]
58 58  
59 59  ===== Result =====
60 60  
... ... @@ -64,8 +64,4 @@
64 64  
65 65  When that is impossible, there should be ongoing communication between the external party and the implementation team at the eMagiz environment when certificates are changed or expired. Those moments could trigger the need to change the custom truststore that the integration team must use within the eMagiz model to establish the connection.
66 66  
67 -</div>
68 -</div>
69 -</div>
70 -
71 -{{/html}}
59 +)))((({{toc/}}))){{/container}}{{/container}}