E-SSL: App Servers only Support up to 1024 Bit Size Public Key SSL Certificates in PeopleTools Releases Prior to 8.52 (Doc ID 652445.1)

Last updated on MAY 15, 2017

Applies to:

PeopleSoft Enterprise PT PeopleTools - Version 8.47 to 8.51 [Release 8.4]
Information in this document applies to any platform.
****Check relevance at 07-29-2014*******

This document was previously published as Customer Connection Solution 201032386




Symptoms

In a PeopleTools release prior to 8.52:

On the Digital Certificates page, getting corrupt certificate error when you try to import root certificate of size larger than 1024 bit.

In Gateway keystore, you may have "java.lang.Exception: Input not an X.509 certificate" error when you import the certificate into keystore.

Or even if you manage to import the root certificate into keystore, when you ping a node or try to load gateway connectors, you may get "HttpTargetConnector:PSHttpFactory init or setCertificate failed", or "Integration Gateway: General Connection Failed (158,10836)" online, with "PSJNI: Java exception thrown: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain" in the app server log.

After setting higher tracing level, it may also show the following error in the log when pinging a node.
SunX509: skip default keystore: java.security.cert.CertificateParsingException: java.io.IOException: subject key, Unknown key spec: Invalid RSA modulus size.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms