Skip to Content
Last modified by Erik Bakker on 2024/09/03 13:24
From version 30.1
edited by Erik Bakker
on 2022/06/13 16:04
Change comment: There is no comment for this version
To version 31.1
edited by Erik Bakker
on 2022/06/13 16:04
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -5,8 +5,6 @@
5 5  
6 6  Should you have any questions, please get in touch with academy@emagiz.com.
7 7  
8 -===== Situation =====
9 -
10 10  == 3. RCA * Unable to find valid certification path ==
11 11  
12 12  === 3.1 Situation ===
... ... @@ -13,14 +13,10 @@
13 13  
14 14  On a specific working day, a connection between eMagiz and an external REST service broke down due to errors related to certificate problems. The external party updated the trusted certificates, but they did not notify the client team working on the eMagiz solution.
15 15  
16 -===== Problem =====
17 -
18 18  === 3.2 Problem ===
19 19  
20 20  As a result of these actions, no data could be supplied to the system before the problem was resolved.
21 21  
22 -===== Analysis =====
23 -
24 24  === 3.3 Analysis ===
25 25  
26 26  ==== 3.3.1 Errors in eMagiz ====
... ... @@ -48,8 +48,6 @@
48 48  
49 49  [[image:Main.Images.RCA-Knowledgebase.WebHome@rca-knowledgebase-unable-to-find-valid-certification-path--truststore-config-and-emagiz-config.png]]
50 50  
51 -===== Result =====
52 -
53 53  === 3.4 Result ===
54 54  
55 55  The analysis concluded that there is a mismatch between the certificates used at the external party and those on default trusted by various software parties (including Java). The best course of action would be to use a certificate structure in which the entire certificate chain (intermediate and CA) is trusted adequately on default. This removes the need for custom configuration in the form of a custom truststore that needs to be managed at the eMagiz side and updated every time the external parties certificate changes.