Failed to validate certificate. The Application will not be exectuted.

book

Article ID: 49615

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) CA Workload Automation Agent CA Process Automation Base

Issue/Introduction

Description:

Not all SSL Certificate Keys allow for the signing of our Jar files and will cause the following error to be displayed even after following the instructions within the PAM documentation on using a 3rd party SSL Certificate:

sun.security.validator.validatorexception: extended key usage does not permit use for code signing

<Please see attached file for image>

Figure 1

<Please see attached file for image>

Figure 2

Solution:

There are two solutions to this.

  1. Contact the Certificate Authority and get a new certificate which can be used for code signing.

  2. Do the following: -

    1. Stop Orchestrator.

    2. Make the switch back to PAM s self-signed certificate.

    3. Sign the jars.

    4. Switch the certificate to the Authority provided certificate. DO NOT sign jars again!

    5. Start Orchestrator.

If option 2 is utilized: every time a patch or connector is installed the same process will have to be done to re-sign the new Jar files.

Environment

Release: ITPASA99000-3.1-Process Automation-Add On License for-CA Server Automation
Component:

Attachments

1558712672517000049615_sktwi1f5rjvs16spi.gif get_app
1558712670544000049615_sktwi1f5rjvs16sph.gif get_app