Please login or register to access secure site features.

Note: By continuing to use DevConnect Program Services you agree to our latest Registered Member Terms.

Sign in using DevConnect ID

Forgot password?

Trouble logging in?

Submit a ticket for Registration Support.

I have an SSO ID

?
sign in

Don't have a DevConnect or SSO ID ?

Create a DevConnect account or join the program.

register now
^
Forum Index » Avaya Orchestration Designer » Hitting error of javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException   XML
 
Author Message
CharleneNg



Joined: 29/09/2015 01:28:03
Messages: 6
Offline

Hi,


I have just recently upgraded my IVR application from v7.0.1 (tomcat 7.0.77) to v7.23 with tomcat 9.0.46.

However, I'm hitting following error when trying to call the webservice from my IVR application.

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Currently, i'm using:

EPM 7.2.3
WebLM License 7.0
JDK 1.8.0_241-b07
Tomcat 9.0.46


with weblm certificate stored in

/app/tomcat/lib/trusted_weblm_certs.jks


and a SSL certificate stored in path:
/app/conf/ssl/xxx.xxxx.xxx.jks


Here i attached my DDRuntime License & Certificate setup for your reference.
Kindly advise.



Application Logs:


03/06/2021 15:10:58:626 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Using SCESession C211D09D474CBC254704D65598F825E5:/AIG_GSD servlet : Start
03/06/2021 15:10:58:638 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : ** Pushed Stack Frame [/AIG_GSD]
03/06/2021 15:10:58:641 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Creating variable [defaultVdnEn] from factory [com.avaya.vp.admin.variables.runtime.AdminVariableFactory]
03/06/2021 15:10:58:643 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Admin SimpleVariable:getSimpleVariable(): return admin simple variable - defaultVdnEn
03/06/2021 15:10:58:643 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Creating variable [defaultVdnJp] from factory [com.avaya.vp.admin.variables.runtime.AdminVariableFactory]
03/06/2021 15:10:58:643 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Admin SimpleVariable:getSimpleVariable(): return admin simple variable - defaultVdnJp
03/06/2021 15:10:58:643 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Creating variable [IncomingJAP] from factory [com.avaya.vp.admin.variables.runtime.AdminVariableFactory]
03/06/2021 15:10:58:643 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Admin SimpleVariable:getSimpleVariable(): return admin simple variable - IncomingJAP
03/06/2021 15:10:58:643 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Creating variable [appPropertiesFilePath] from factory [com.avaya.vp.admin.variables.runtime.AdminVariableFactory]
03/06/2021 15:10:58:644 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Admin SimpleVariable:getSimpleVariable(): return admin simple variable - appPropertiesFilePath
03/06/2021 15:10:58:644 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Creating variable [IncomingENG] from factory [com.avaya.vp.admin.variables.runtime.AdminVariableFactory]
03/06/2021 15:10:58:644 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Admin SimpleVariable:getSimpleVariable(): return admin simple variable - IncomingENG
03/06/2021 15:10:58:645 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Storing :session___sessionid to complex: session:sessionid as [AP1AMPP3CTRL02-2021154071129-17]
03/06/2021 15:10:58:654 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : runtime_platform : Experience Portal
03/06/2021 15:10:58:654 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : runtime_asr : Desktop Microsoft Speech SAPI
03/06/2021 15:10:58:658 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Acquiring initial License
03/06/2021 15:10:58:658 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Acquiring Avaya Platform runtime license
03/06/2021 15:10:58:658 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Using license server - https://10.52.121.85:8443/WebLM/LicenseServer
03/06/2021 15:10:58:658 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Using license check timeout :0
03/06/2021 15:10:58:719 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Runtime :true
03/06/2021 15:10:58:719 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : IC :true
03/06/2021 15:10:58:719 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : CTI :true
03/06/2021 15:10:58:723 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : Grace Period timer cleared
03/06/2021 15:10:58:726 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : License refresh timer started
03/06/2021 15:10:58:727 INFO - C211D09D474CBC254704D65598F825E5:/AIG_GSD : MessageType is speech

......................


getServcie Method Start
03/06/2021 15:11:19:397 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : session id:AP1AMPP3CTRL02-2021154071129-17 | Servcie now URL is https://aigm3.service-now.com/api/aigg2/user_department_businessunits?employee_no=5248313&active=true&sysparm_exclude_reference_link=true
03/06/2021 15:11:19:397 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : session id:AP1AMPP3CTRL02-2021154071129-17 | auth string: Basic aXZyLmN0aUBhaWcuY29tOmN0aTJzblFBIw==
03/06/2021 15:11:19:397 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : session id:AP1AMPP3CTRL02-2021154071129-17 | Servcie now Set header
03/06/2021 15:11:19:776 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : session id:AP1AMPP3CTRL02-2021154071129-17 | Servcie Now Error : javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
03/06/2021 15:11:19:776 DEBUG - C211D09D474CBC254704D65598F825E5:/AIG_GSD : session id:AP1AMPP3CTRL02-2021154071129-17 | Servcie now response is :



Catalina logs:

03-Jun-2021 15:10:09.158 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [16294] milliseconds
OD CALL THIS======VPAppLogClientBase.setEPMWebSErviceClient() is calling...
VPAppLogClientBase:setEPMWebServicesClient: setting epmWebSErvicesClientBase instance first time
VPAppLogClientBase:getAxis2PrimaryUrl: axis2 vpms primary url: 10.52.121.85
VPAppLogClientBase:getReportUrl() - report URL is: https://10.52.121.85/axis2/services/VPAppLogService
VPAppLogClientBase.getEPMWebServicesCientBaseFromMapForAlarm() - reportURL: https://10.52.121.85/axis2/services/VPAppLogService
VPAppLogClientBase.getEPMWebServicesCientBaseFromMapForAlarm() - not found EPMWebServicesClientBase instance for https://10.52.121.85/axis2/services/VPAppLogService
VPAppLogClientBase.setEPMWebServicesClientBaseForAlarm() - add EPMWebServicesClientBase for https://10.52.121.85/axis2/services/VPAppLogService
BatchLogWriterBase:isLogWriterThreadRunning: GUID: reportURL: https://10.52.121.85/axis2/services/VPAppLogService
BatchLogWriterBase:isLogWriterThreadRunning: false
BatchLogWriterBase:isLogWriterThreadCDRSDRRunning: GUID: reportURL: https://10.52.121.85/axis2/services/VPAppLogService
BatchLogWriterBase:isLogWriterThreadCDRSDRRunning: false
VPAppLogClientBase:setEPMWebServicesClient: batchLogWriter and batchLogWriterCDRSDR threads are not running: https://10.52.121.85/axis2/services/VPAppLogService save to the map
VPAppLogClientBase:constructor initialize log4j properties
VPAppLogClientBase:getLogFilePath - /app/tomcat/webapps/AIG_GSD//../../logs
VPAppLogClient:initLog4j: log4j log file path: /app/tomcat/webapps/AIG_GSD//../../logs
getClassPath():cpath: /app/tomcat/lib/VPAppLogClient_7.2.3.jar
getClassPath():decodePath: /app/tomcat/lib/VPAppLogClient_7.2.3.jar
getClassPath():location: file:/app/tomcat/lib/VPAppLogClient_7.2.3.jar
getClassPath():logpath2: /app/tomcat/lib
VPAppLogClientBase:getClassPath - return path: /app/tomcat/lib
log4j:WARN No appenders could be found for logger (org.apache.axis2.description.AxisOperation).
log4j:WARN Please initialize the log4j system properly.
Current Retry Count : 1
Current Retry Count : 1
Current Retry Count : 1
********** ds is NOT null *****************
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1546)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
at connectivity.ws.operations.ServiceNow.getServiceNowData(ServiceNow.java:116)
at flow.ServiceNowResetValidation.requestBegin(ServiceNowResetValidation.java:90)
at com.avaya.sce.runtime.AppServlet.processRequest(AppServlet.java:81)
at com.avaya.sce.runtime.SCEServlet.requestHandler(SCEServlet.java:247)
at com.avaya.sce.runtime.SCEServlet.doGet(SCEServlet.java:140)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:626)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at com.avaya.ade.common.utils.security.NameValidatingTrustManager.checkServerTrusted(NameValidatingTrustManager.java:65)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)
... 42 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 49 more


[Thumb - Certificate.PNG]
 Filename Certificate.PNG [Disk] Download
 Description DDRuntime Certificate Setup
 Filesize 105 Kbytes
 Downloaded:  41 time(s)

[Thumb - License.PNG]
 Filename License.PNG [Disk] Download
 Description DDRuntime License Setup
 Filesize 95 Kbytes
 Downloaded:  38 time(s)

WilsonYu



Joined: 06/11/2013 14:29:24
Messages: 3796
Offline

On the certificate page of runtimeconfig, you need to Change (the button) to the jks truststore file that has your web service certificate.
 
 
Go to: