search cancel

DevTest IAM LDAPS Error:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

book

Article ID: 129536

calendar_today

Updated On:

Products

CA Application Test CA Continuous Application Insight (PathFinder) Service Virtualization

Issue/Introduction

Calling LDAPS from DevTest IAM and getting this error when Testing Authentication:

2019-03-01 15:50:45,443 ERROR [org.keycloak.services] (default task-56) KC-SERVICES0055: Error when authenticating to LDAP: simple bind failed: cscrotld.keybank.com:636: javax.naming.CommunicationException: simple bind failed: cscrotld.keybank.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

 

Environment

All supported DevTest releases.

Cause

The IAM iam-truststore.ks does not have the needed certificates for accessing the LDAPS server.

Resolution

Import the LDAPS server certificates in the iam-truststore.ks located in folder DEVTEST_HOME/IdentityAccessManager.


! Important Note ! : Please make sure that along with server certificate, all the intermediate certificates along with Root CA certificate which are part of the certificate chain are imported in the iam trust store.

Restart IAM.