E1: ORCH: Login in Orchestrator Studio Fails With "sun.security.validator.ValidatorException: PKIX path building failed" Error When Custom Identity and Custom Trust Stores Are Used for HTTPS Communication and Internal JSON Web Token Generation (Doc ID 2937852.1)

Last updated on AUGUST 19, 2024

Applies to:

Symptoms

Login in Orchestrator Studio fails when custom identity and custom trust store are used for HTTPS communication and the same custom identity and custom trust stores are used for internal JSON Web Token (JWT) generation.

The error shown when attempting to login is as follows:

In AIS e1root log the following error is recorded:

Changes

Using an owned Public Key Infrastructure (PKI), a custom identity with an owned signed certificate and a trust store have been added to be used for HTTPS communication between the AIS server and dedicated JAS server. The same identity store has been configured in REST.INI for Application Interface Services JWT Generation Settings ([JWT GEN] section in REST.INI) and the same trust store has been configured in JAS.INI for AIS Internal JWT Trust Configuration for Authentication ([SECURITY] section in JAS.INI).

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.