WSM-00062 : The path to the certificate used for the signature is invalid Error Occurs when Using a Message Protection Policy (Doc ID 2134634.1)

Last updated on MAY 17, 2016

Applies to:

Oracle Web Services Manager - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Goal

Getting the following error message when using an OWSM policy:

[ERROR] [WSM-07618] [oracle.wsm.resources.enforcement] [tid: [ACTIVE]...[WSM_POLICY_NAME: oracle/wss11_saml_or_username_token_with_message_protection_service_policy] Failed to execute the assertion "WS-Security 1.1 Saml with certificates" in the conditional policy. FailedAuthentication : The security token cannot be authenticated.[[
oracle.wsm.common.sdk.WSMException: FailedAuthentication : The security token cannot be authenticated.
..
Caused by: oracle.wsm.security.SecurityException: WSM-00062 : The path to the certificate used for the signature is invalid.
at oracle.wsm.security.policy.scenario.processor.Wss11X509TokenProcessor.verifyRequest(Wss11X509TokenProcessor.java:1175)
..
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed: MD5withRSA
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:159)

Why is this error occurring? How can this error be overcome?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms