Punchout With SHA-2 Certificate Results In SSL Handshake Failed: X509CertChainInvalidErr Error (Doc ID 1926905.1)

Last updated on APRIL 04, 2025

Applies to:

Oracle iProcurement - Version 12.1.3 and later
Information in this document applies to any platform.

Symptoms

Suppliers are providing an updated version of SHA2 (SHA-2) SSL certificate, and it is observed that it is not possible to re-establish connectivity through the supplier's punchout after install of the new certificate.

Users encounter errors like the following:

Error Code: 201 Unable To Reach Supplier Site

SSL handshake failed: X509CertChainInvalidErr

All certificates from suppliers using SHA1 certificates work as expected; is use of version SHA2 certificates supported by iProcurement?

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Punchout With SHA-2 Certificate Results In SSL Handshake Failed: X509CertChainInvalidErr Error (Doc ID 1926905.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!