SSLHandshakeException occurs when AFM connects to Risk Auth server
search cancel

SSLHandshakeException occurs when AFM connects to Risk Auth server

book

Article ID: 280768

calendar_today

Updated On:

Products

CA Risk Authentication CA Advanced Authentication CA Advanced Authentication - Risk Authentication (RiskMinder / RiskFort)

Issue/Introduction

After renewing root and intermediary certificates in Advanced Authentication, below error is encountered while connecting from AFM to Risk Authentication:

at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: 

Environment

Symantec Advanced Authentication 9.1.x

Resolution

If Risk Authentication Server is enabled with SSL, please update below properties in arcotafm.properties file with the renewed certificates information to resolve the issue:

# --------------------------------------------------------------------------
#  If RiskFortTRANSPORT_TYPE is TLS, the server presents a certificate
#  that is checked to see if it was issued by a trusted Certification
#  Authority; the list of trusted CAs is provided in a PEM encoded file
#  format.


RiskFortCA_CERT_FILE=<path_to_server_CA_certificate_in_PEM_format>
RiskFortCLIENT_P12_FILE=
RiskFortCLIENT_P12_PASSWORD=

Note:

  • RiskFortCA_CERT_FILE points to the location of the PEM encoded file that contains the root for RiskFort's SSL certificate. Required setting if RiskFortTRANSPORT_TYPE is TLS.
  • RiskFortClient_P12_FILE and RiskFortCLIENT_P12_PASSWORD refers to the client P12 File location and password.
Powered by Wolken Software