Hi,

I had to change certificates in our Userapplication jboss (UA3.7 patch
E). The new cert is signed by our internal CA (not the eDir one), and
all is well, the keystore has root of the CA and the signed server
certificate.
Jboss starts ok, and all is well on that part.

Looking in the trace on the IDM server I do find errors when the Role
and Resource service driver try to connect to the UA to do what it is
supposed to do.
16:52:02 1728 Drvrs: Role and Resource ST:
DirXML Log Event -------------------
Driver: \IDV\Corp\res\IDV-DriverSet\Role and Resource Service Office
Channel: Subscriber
Status: Error
Message: Unable to start Approval Workflow
Workflow DN: ...
Reason: java.lang.RuntimeException:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderE xception: unable to
find valid certification path to requested target

Thinking this is supposed to happen since I changed the certificates in
the UA.
Added our CA:s root to the lib\security\cacerts keystore and restrted
the driver. No difference.

What did I miss? Probably lots of things...

Any suggestions?

br
/Anders


--
abergvall
------------------------------------------------------------------------
abergvall's Profile: http://forums.novell.com/member.php?userid=14466
View this thread: http://forums.novell.com/showthread.php?t=456942