Login via LDAPS fails with SSL Exception "the trustAnchors parameter must be non-empty"

search cancel

Login via LDAPS fails with SSL Exception "the trustAnchors parameter must be non-empty"

book

Article ID: 282034

calendar_today

Updated On: 04-12-2024

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

When Using custom keystore path in JWP_KEYSTORE_PATH, Login via LDAPS fails with SSL Exception "the trustAnchors parameter must be non-empty".

While trying to log in to AWI the below error message is thrown by the JWP in the log file:

U00045014 Exception 'javax.naming.CommunicationException: "xx.yy.xxx.xx:636"' at 'com.sun.jndi.ldap.Connection.<init>()'.
U00045015 The previous error was caused by 'javax.net.ssl.SSLException: "Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty"' at 'sun.security.ssl.Alert.createSSLException()'.

Environment

CA Automic Workload Automation

21.x

Cause

Configuration Issue.

Resolution

Starting the JWP with the parameter -Djavax.net.ssl.trustStore=path_to_keystore and password worked in this scenario.

Feedback

thumb_up Yes

thumb_down No