XML Gateway Outbound POXML Shows Error: Java.security.cert.CertificateException Invalid Signatures After Configuring JDK Truststore With SHA2 SSL certificate Using IBM AIX Java
(Doc ID 2003001.1)
Last updated on FEBRUARY 23, 2019
Applies to:Oracle XML Gateway - Version 18.104.22.168 to 12.2.4 [Release 11.5.10 to 12.2]
Information in this document applies to any platform.
The PO XML delivery is failing during SHA2 type SSL certificate authentication where the XML Gateway Transaction monitor shows the following error:
The SSL Debug log shows:
Keystore type: jks
Keystore provider: IBMJCE
15/04/15 10:39:32 %% Invalidated: [Session-7, SSL_RSA_WITH_RC4_128_SHA]
15/04/15 10:39:32 Thread-49, SEND TLSv1 ALERT: fatal, description = certificate_unknown
15/04/15 10:39:32 Thread-49, WRITE: TLSv1 Alert, length = 2
15/04/15 10:39:32 Thread-49, called closeSocket()
15/04/15 10:39:32 Thread-49, handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Invalid signatures
The oc4j.properties was changed to point the java clients (such as OXTA) to a new jdk truststore. This was to facilitate the SHA2 SSL certificate for the trading partner.
The certificates were imported into the new trust store and the oafm services restarted.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document