"HTTP transport error ... Certificate Chaining Error" when trying to configure the System Audit Logs

Troubleshooting

Problem

User tries to configure the System Audit Logs. User receives error

Symptom

HTTP transport error: javax.net.ssl.SSLHandshakeException:

com.ibm.jsse2.util.g: PKIX path building failed: java.security.cert.CertPathBuilderException:

PKIXCertPathBuilderImpl could not build a valid certPath.;internal cause is: java.security.cert.CertPathValidatorException: The certificate

issued by CN=rootcertificatename.domain.com, OU=Company Infrastructure, O=Company Name,L=City, ST=Sate, C=Country, EMAILADDRESS=certadmin@domain.com is not trusted;

internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error

com.ibm.jsse2.util.g:PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid certPath.;internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by CN=rootcertificatename.domain.com, OU=Company Infrastructure, O=Company Name,L=City, ST=Sate, C=Country, EMAILADDRESS=certadmin@domain.com is not trusted;

internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error

PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid certPath.;internal

cause is: java.security.cert.CertPathValidatorException: The certificate issued by CN=rootcertificatename.domain.com, OU=Company Infrastructure, O=Company Name,L=City, ST=Sate, C=Country, EMAILADDRESS=certadmin@domain.com is not trusted;

internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error

PKIXCertPathBuilderImpl could not build a valid certPath The certificate issued by CN=rootcertificatename.domain.com, OU=Company Infrastructure, O=Company Name,L=City,ST=Sate, C=Country, EMAILADDRESS=certadmin@domain.com is not trusted

Certificate chaining error

Cause

Customer's self-signed SSL (HTTPS) certificate has not been imported into the user java environment (located in the Controller client installation folder, on the client device).

Environment

Controller configured to use SSL (HTTPS) using a self-signed (non-commercial) encryption certificate.

Resolving The Problem

Import the SSL rootcertificate (i.e. the certificate mentioned in the error message) into the JRE environment on the user's computer (or where the Controller client is running, for example a Citrix server).

Steps:

See separate IBM Technote #1495669.

Related Information

1495669 - "Error creating bean with name 'idGenerator'.

[{"Product":{"code":"SS9S6B","label":"IBM Cognos Controller"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Controller","Platform":[{"code":"PF033","label":"Windows"}],"Version":"10.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Tips

"HTTP transport error ... Certificate Chaining Error" when trying to configure the System Audit Logs

Troubleshooting

Problem

Symptom

Cause

Environment

Resolving The Problem

Related Information

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?