XML Gateway Outbound POXML Shows Error: Java.security.cert.CertificateException Invalid Signatures After Configuring JDK Truststore With SHA2 SSL certificate Using IBM AIX Java
Last updated on SEPTEMBER 30, 2016
Applies to:Oracle XML Gateway - Version 220.127.116.11 to 12.2.4 [Release 11.5.10 to 12.2]
Information in this document applies to any platform.
The PO XML delivery is failing during SHA2 type SSL certificate authentication where the XML Gateway Transaction monitor shows the following error:
The SSL Debug log shows:
Keystore type: jks
Keystore provider: IBMJCE
15/04/15 10:39:32 %% Invalidated: [Session-7, SSL_RSA_WITH_RC4_128_SHA]
15/04/15 10:39:32 Thread-49, SEND TLSv1 ALERT: fatal, description = certificate_unknown
15/04/15 10:39:32 Thread-49, WRITE: TLSv1 Alert, length = 2
15/04/15 10:39:32 Thread-49, called closeSocket()
15/04/15 10:39:32 Thread-49, handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid signatures
The oc4j.properties was changed to point the java clients (such as OXTA) to a new jdk truststore. This was to facilitate the SHA2 SSL certificate for the trading partner.
The certificates were imported into the new trust store and the oafm services restarted.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms