How do I resolve "FATAL Alert:BAD_CERTIFICATE - A corrupt or unusable certificate was received" when making an Ajax call (POST) from WIDM to another application?


Article ID: 41766


Products

CA Identity Manager, CA Identity Governance, CA Identity Portal, CA Risk Analytics, CA Secure Cloud SaaS - Arcot A-OK (WebFort), CLOUDMINDER ADVANCED AUTHENTICATION, CA Secure Cloud SaaS - Advanced Authentication, CA Secure Cloud SaaS - Identity Management, CA Secure Cloud SaaS - Single Sign On

Issue/Introduction


When attempting to make an AJAX web service call to another application, the call fails with the error message:

"FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received"

 

Environment:  

This occurs in environments where Identity Manager is deployed on the WebLogic application server.

 

Cause: 

This is most often caused by the remote application using a wildcard certificate.

For example, listing the trust store with:

keytool -list -v -keystore your_trust_store

Owner: CN=*.ca.com, OU=Domain, O=*.ca.com

shows a wildcard certificate being used by the remote application.

 

Resolution:

This needs to be resolved with the assistance of your WebLogic administrator, as there are a number of possible resolutions: obtaining non-wildcard certificate(s), disabling hostname verification within WebLogic, or creating a custom HostnameVerifier.

The following links may be of some assistance:

https://community.oracle.com/thread/1059388?tstart=0

http://jandrewthompson.blogspot.com/2010/04/weblogic-and-wildcard-ssl-certificates.html

Environment

Release:
Component: IDMGR