My Oracle Support Banner

Siebel IP2017 Installing Signed Certificates into Application Container Keystore renders HTTPS URL Inaccessible (Doc ID 2416946.1)

Last updated on AUGUST 21, 2018

Applies to:

Siebel CRM - Version 17.0 [IP2017] and later
Information in this document applies to any platform.

Symptoms

On : 18.4 version, Security / Authentication

When attempting to access Siebel HTTPS URL after setting up signed certificates, URL does not come up and the following error occurs.

ERROR
-----------------------
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Create keystore using Doc ID: 2294567.1.
2. Procure the signed certificates from third party CA and import the certificate chain into the keystore.
3. Trust the certificate and verify the certificate installation using keytool utility.
4. Replace the siebel_keystore.jks under $AI_HOME/applicationcontainer/siebelcerts/siebel_keystore.jks with the imported signed certificate keystore.
5. Restart Tomcat Services.


Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.