Univiewer Webconsole impossible to start because of a certificate validation issue.-- OCSP response error: MALFORMED_REQUEST
search cancel

Univiewer Webconsole impossible to start because of a certificate validation issue.-- OCSP response error: MALFORMED_REQUEST

book

Article ID: 277328

calendar_today

Updated On:

Products

CA Automic Dollar Universe

Issue/Introduction

Univiewer Webconsole does not when the JNLP has been downloaded has and submitted.

A panel indicating a certificate validation issue shows up:
 


Error message:

=====================================================
java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: OCSP response error: MALFORMED_REQUEST

at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)

at com.sun.deploy.security.RevocationChecker.check(Unknown Source)

at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source)

at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)

at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)

at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)

at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)

at com.sun.javaws.security.AppPolicy.grantUnrestrictedAc
=====================================================

OCSP : Online Certificate Status Protocol

Environment

Univiewer Webconsole 6.10.81 on Tomcat 8.0.5

Cause

The cause of the this problem comes abruptly is still investigated.

Resolution

The workaround in case this problem occurs on a infrastructure consists in bypassing the Certification Validation failure by OCSP. There the Advanced Security Settings for Java must be adjusted. The OCSP operation must be unchecked as follows:




Additional Information

More about the OCSP failure and the workaround can be read here:

https://www.kunxi.org/2015/01/bypass-the-certpathvalidatorexception-caused-by-malformed-ocsp-response

and

https://community.oracle.com/mosc/discussion/4555651/problem-with-ocsp-running-forms-applications