E-IB/MCF: "Error communicating with server: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" (Doc ID 1634045.1)

Last updated on AUGUST 04, 2017

Applies to:

PeopleSoft Enterprise PT PeopleTools - Version 8.50 and later
Information in this document applies to any platform.
****Checked for relevance on 16-Sep-2015 ****
****Checked for relevance on 17-Jul-2017 ****

Symptoms

Scenario 1:

Sample Environment:
----------------
PeopleTools 8.53.10
CRM 9.0  Test environment

Issue:
------
The site is testing a SOAP based integration via sendmaster test utility and receives the following error when posting the message to PeopleSoftServiceListeningConnector.

Error:
-----
Error communicating with server: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


Impact:
--------
Not able to test services via delivered sendmaster utility

Scenario 2:

PeopleTools 8.55


After changing the email server from Gmail to Outlook (outlook.office365.com), the emailing functionality stopped working. Testing the emailing functionality on the sample pages produces the following error.

ERROR
-----------------------
"Cannot Connect to the mail server (162, 1560)"

javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:

unable to find valid certification path to requested target;nested exception is:javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX

path building failed:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:335)

 

Weblogic Log shows the following SSL data  and the certificate_unknown error.

####<Jul 28, 2017 5:31:10 AM
EDT> <Notice> <Stdout>
<camb-psfind01.forrester.com> <PIA> <[ACTIVE]
ExecuteThread: '0' for queue: 'weblogic.kernel.Default
(self-tuning)'> <<WLS Kernel>> <> <>
<1501234270721> <BEA-000000> <chain [0] = [
[
Version: V3
Subject: CN=outlook.com, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11

Key: Sun RSA public key, 2048 bits

modulus:
20592551373997025776733205484003273158818004004262081850461110887609158752386925779556754792957355061994765551746047876722989358547868159881876553737548284321778490674998945650693793279729803442178438348724008388400618811469617043379549669754173280470823582048272145622201558918811555802785633733920913383761308582786362459040131286874936920839552645276781410084332808171856082319337425776341134162876395837845931893392532036052130911127825407022101561179655577854185100580797934328473346667560887919881655963407873415979096100054529563123941768213183446573088586313228978227958886647529452787977736540800908123928121
public exponent: 65537
Validity: [From: Sun Apr 02 20:00:00 EDT 2017,
To: Tue Apr 03 08:00:00 EDT 2018]
Issuer: CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
SerialNumber: [ 08493541 0975e413 ebf074bb 740ce942]

..
..
..

####<Jul 28, 2017 5:31:10 AM EDT> <Notice> <Stdout>
<camb-psfind01.forrester.com> <PIA> <[ACTIVE]
ExecuteThread: '0' for queue: 'weblogic.kernel.Default
(self-tuning)'> <<WLS Kernel>> <> <>
<1501234270745> <BEA-000000> <[ACTIVE] ExecuteThread: '0'
for queue: 'weblogic.kernel.Default (self-tuning)', SEND TLSv1 ALERT:
fatal, description = certificate_unknown>

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms