Error: Untrusted Server Certificate

When i click on Query Interfaces (IPS Manager: Configuration > Settings > Interfaces) i get the following error:
An error occurred trying to get the interface information. An error occurred while trying to determine the sensor version. Detail = Error occurred while communicating with 172.17.xx.xx: java.security.cert.CertificateException: Untrusted Server Certificate Chain
Any suggestion?
Thank you,

That is a pretty strange message. Have you had a chance to reach out to Windows Live?
TamaraH_VZW
Follow us on Twitter @VZWSupport

Similar Messages

Untrusted Server Certificate Chain error

I am trying to use a certificate (digital signature) on the client, when accessing a Webservice. This fails with the following error :
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain
My code is :
KeyStore ks = null;
String strURL = "https://myserver.com/myurl/lookup.asmx";
SSLSocketFactory sslSocketFactory = null;
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
// Load certificate dynamically
SSLContext sslContext = SSLContext.getInstance("SSLv3");
TrustManagerFactory trustMgtFactory = TrustManagerFactory.getInstance("SunX509");
CertificateFactory cert = CertificateFactory.getInstance("X.509");
FileInputStream lo_fileinputstream = null;
lo_fileinputstream = new FileInputStream("c:\\temp\\digital.cer");
X509Certificate servercacert = (X509Certificate)cert.generateCertificate(lo_fileinputstream);
lo_fileinputstream.close();
String s1 = servercacert.getSerialNumber().toString();
if(ks == null)
ks = KeyStore.getInstance("JKS");
ks.load(null, null);
ks.setCertificateEntry(s1, servercacert);
trustMgtFactory.init(ks);
sslContext.init(null, trustMgtFactory.getTrustManagers(), null);
sslSocketFactory = sslContext.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
// Call webservice
URL cascadeURL = new URL(strURL);
HttpsURLConnection conn = (HttpsURLConnection) cascadeURL.openConnection();
String inputline=null;
if (conn instanceof HttpsURLConnection) {
conn.connect();
BufferedReader in = new BufferedReader(
new InputStreamReader(
conn.getInputStream()));
while ((inputline = in.readLine()) != null) {
System.out.println(inputline);
in.close();
Please help - I am on a very tight deadline (as usual).

Found the problem. I simply needed to add another certificate.

Synchronization Error: Untrusted Server Cert Chain

Hi Folks,
The basis team have installed SAP Netweaver 7.01 with Mobile 7.1 on the server. I'm using the NW Mobile Client on a Hand Held to synchronize and register for the first time to the DOE. But I'm getting the error: "Untrusted Server Cert Chain".
Can anyone guide me through this problem. I know that this is something with a certificate but still don't know how solve this.
Thanks in advance.
Regards,
Gilberto Li

Solved it with OSS Note 550498.

Problem with HTTPS requests to host with untrusted server certificate

Hi,
I develop an iPhone framework which sends HTTPS requests in order to communicate with a publicly available backend server. Currently I have a big problem regarding untrusted server certificates.
The certificate of the backend server is not signed by a trusted CA, so my first approach was to use NSURLRequest's private allowsAnyHTTPSCertificateForHost. While this worked as expected an was fine as temporary workaround, our customer demands a clean solution as final result. Therefore I wrote a method which allows to install a provided certificate from the file system in the keychain, but this method does not work as expected in the iPhone Simulator. The certificate is installed in the host machine's Mac OS X keychain instead. Unfortunately, if I call NSURLConnection's sendSynchronousRequest method, I retrieve an "untrusted server certificate" error. It seems as if NSURLConnection is not able to access the host's Mac OS X keychain to retrieve the certificate.
Is my guess correct or did I miss something?
Would my approach work if I ran my app on a real iPhone device instead (I do not have one available yet)?
Does there exist a keychain in the iPhone Simulator at all?
Is it at all possible to send HTTPS requests to a server with an untrusted certificate on the iPhone Simulator or do I have to use precompiler directives to implement different routines depending on the underlying platform (simulator or device, respectively)?
Any help is highly appreciated.
Thanks,
Matthias

Indeed this would be a clean and simple solution. But our customer is not willing to get a real certificate, for whatever reasons.
The question that remains is if the HTTPS requests would succeed on the iPhone device itself if the server certificate was installed in the keychain by the same app beforehand.

Device Enrollment - Error: The server certificate for "myserver" is invalid?

Hello,
I am attempting to enroll my iPhone in the Lion Server Profile Manager. I have aquires and SSL certificate on my Lion Server but do not have a code signing certificate. From my iPhone, I can log into http://myserver.mydomain.lan/mydevices and log in using my AD credentials when I try to install the Device Enrollment Profile I am prompted with the following message: The server certificate for "https://myserver.mydomain.lan/devicemanagment/api/device/ota_service" is invalid.
Not sure how to get around this...
I am using AD with an extended schema and was not sure if MDM absolutely requires OD credentials or if I could use my AD credentials when enrolling a device. I was also unsure if I needed the code signing certificate which appears to be a bit pricey from Go-Daddy. I am just test bedding MDM and do not wish to go through the expense of a code signing certificate at this point.
Has anyone else encountered this problem?
Thanks,
Ray

Not sure if this will help, but we encountered the same problem. Our workaround was to click on the "Profiles" tab & install the Trust Profile first (not the Everyone Profile) and then enroll the device. That seemed to work, but I don't know what's causing that error message. Hopefully someone with more knowledge than me can answer that one.

Untrusted server cert --- JSSE usage with applets

Hi all,
I am using JSSE client ( uses applets) connects to JSSE server.
I am getting error: untrusted server cert
I am able to connect JSSE server with the JSSE client with out applets with same self signed certificate.
I have read some where that applets by default refer cacerts instead of jssecacerts. Thats why i have added certificate to cacerts also.
I am sending errors (both at client and server side) and html file used for applets at client side.
machName portno port:127.0.0.1 2002 2002
found key for : alias
SunX509: skip default keystore: java.security.AccessControlException: access den
ied (java.util.PropertyPermission javax.net.ssl.trustStore read)
trigger seeding of SecureRandom
done seeding SecureRandom
Machine Name is 127.0.0.1
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1009970996 bytes = { 101, 168, 120, 86, 239, 175, 47, 195, 7
4, 19, 250, 73, 236, 219, 251, 102, 102, 151, 188, 95, 121, 105, 96, 173, 182, 3
3, 212, 30 }
Session ID: {}
Cipher Suites: { 0, 9 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 45
0000: 01 00 00 29 03 01 3C 33 EF 34 65 A8 78 56 EF AF ...)..<3.4e.xV..
0010: 2F C3 4A 13 FA 49 EC DB FB 66 66 97 BC 5F 79 69 /.J..I...ff.._yi
0020: 60 AD B6 21 D4 1E 00 00 02 00 09 01 00 `..!.........
AWT-EventQueue-1, WRITE: SSL v3.1 Handshake, length = 45
[write] MD5 and SHA1 hashes: len = 47
0000: 01 03 01 00 06 00 00 00 20 00 00 09 06 00 40 3C ........ .....@<
0010: 33 EF 34 65 A8 78 56 EF AF 2F C3 4A 13 FA 49 EC 3.4e.xV../.J..I.
0020: DB FB 66 66 97 BC 5F 79 69 60 AD B6 21 D4 1E ..ff.._yi`..!..
AWT-EventQueue-1, WRITE: SSL v2, contentType = 22, translated length = 16340
AWT-EventQueue-1, READ: SSL v3.1 Handshake, length = 670
*** ServerHello, v3.1
RandomCookie: GMT: 1009970996 bytes = { 225, 193, 138, 42, 75, 55, 82, 98, 128,
65, 108, 86, 20, 94, 198, 33, 33, 115, 40, 27, 29, 0, 117, 169, 21, 60, 48, 113
Session ID: {60, 51, 239, 52, 239, 124, 121, 133, 111, 116, 246, 8, 10, 20, 99,
150, 141, 208, 153, 124, 223, 176, 115, 34, 158, 29, 153, 32, 194, 198, 217, 12
6}
Cipher Suite: { 0, 9 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_DES_CBC_SHA]
** SSL_RSA_WITH_DES_CBC_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 3C 33 EF 34 E1 C1 8A 2A 4B 37 ...F..<3.4...*K7
0010: 52 62 80 41 6C 56 14 5E C6 21 21 73 28 1B 1D 00 Rb.AlV.^.!!s(...
0020: 75 A9 15 3C 30 71 20 3C 33 EF 34 EF 7C 79 85 6F u..<0q <3.4..y.o
0030: 74 F6 08 0A 14 63 96 8D D0 99 7C DF B0 73 22 9E t....c.......s".
0040: 1D 99 20 C2 C6 D9 7E 00 09 00 .. .......
*** Certificate chain
chain [0] = [
Version: V1
Subject: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@479809
Validity: [From: Wed Jan 02 14:46:52 GMT+05:30 2002,
               To: Thu Jan 02 14:46:52 GMT+05:30 2003]
Issuer: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
SerialNumber: [    3c32d004 ]
Algorithm: [MD5withRSA]
Signature:
0000: 71 00 A6 5A 95 8D 02 1F FD DF 51 55 73 14 59 C2 q..Z......QUs.Y.
0010: 51 40 D5 38 BE 0C 52 17 44 01 CC 6B 72 05 69 94 [email protected].
0020: 9E 01 2D C5 E4 FF D9 B6 73 8F 0C 84 6F 2A 4B A4 ..-.....s...o*K.
0030: 42 B7 EE E2 B2 32 A6 64 28 6B A2 F1 91 A8 D2 36 B....2.d(k.....6
0040: 09 E8 50 72 1F 25 77 B5 0D 92 48 96 87 EE 76 AF ..Pr.%w...H...v.
0050: 67 FD BF 7F 77 35 36 2F F2 2F 2D 9E 1F 2C F2 8C g...w56/./-..,..
0060: BF B6 44 9F 49 EE E8 E3 13 ED EC 3D 17 1B EC 28 ..D.I......=...(
0070: 6A 37 36 37 BC C3 36 3F 76 22 FF 1C 02 AB 90 0A j767..6?v"......
AWT-EventQueue-1, SEND SSL v3.1 ALERT: fatal, description = certificate_unknown
AWT-EventQueue-1, WRITE: SSL v3.1 Alert, length = 2
IO exceptionuntrusted server cert chain
Exception occurred during event dispatching:
java.security.AccessControlException: access denied (java.lang.RuntimePermission
exitVM)
at java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:272)
at java.security.AccessController.checkPermission(AccessController.java:
399)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.lang.SecurityManager.checkExit(SecurityManager.java:765)
at java.lang.Runtime.exit(Runtime.java:91)
at java.lang.System.exit(System.java:701)
at Connection.<init>(Connection.java:94)
at Main$2.actionPerformed(Main.java:373)
at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:14
50)
at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Abstra
ctButton.java:1504)
at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel
.java:378)
at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:250
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonL
istener.java:216)
at java.awt.Component.processMouseEvent(Component.java:3717)
at java.awt.Component.processEvent(Component.java:3546)
at java.awt.Container.processEvent(Container.java:1164)
at java.awt.Component.dispatchEventImpl(Component.java:2595)
at java.awt.Container.dispatchEventImpl(Container.java:1213)
at java.awt.Component.dispatchEvent(Component.java:2499)
at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:2451
at java.awt.LightweightDispatcher.processMouseEvent(Container.java:2216)
at java.awt.LightweightDispatcher.dispatchEvent(Container.java:2125)
at java.awt.Container.dispatchEventImpl(Container.java:1200)
at java.awt.Window.dispatchEventImpl(Window.java:912)
at java.awt.Component.dispatchEvent(Component.java:2499)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:319)
at java.awt.EventDispatchThread.pumpOneEvent(EventDispatchThread.java:10
3)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
at java.awt.Dialog.show(Dialog.java:370)
at Main.validate(Main.java:434)
at Main$MenuItemListener.actionPerformed(Main.java:729)
at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:14
50)
at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Abstra
ctButton.java:1504)
at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel
.java:378)
at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:250
at javax.swing.AbstractButton.doClick(AbstractButton.java:279)
at javax.swing.plaf.basic.BasicMenuItemUI$MouseInputHandler.mouseRelease
d(BasicMenuItemUI.java:886)
at java.awt.Component.processMouseEvent(Component.java:3717)
at java.awt.Component.processEvent(Component.java:3546)
at java.awt.Container.processEvent(Container.java:1164)
at java.awt.Component.dispatchEventImpl(Component.java:2595)
at java.awt.Container.dispatchEventImpl(Container.java:1213)
at java.awt.Component.dispatchEvent(Component.java:2499)
at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:2451
at java.awt.LightweightDispatcher.processMouseEvent(Container.java:2216)
at java.awt.LightweightDispatcher.dispatchEvent(Container.java:2125)
at java.awt.Container.dispatchEventImpl(Container.java:1200)
at java.awt.Component.dispatchEvent(Component.java:2499)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:319)
at java.awt.EventDispatchThread.pumpOneEvent(EventDispatchThread.java:10
3)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
at java.awt.EventDispatchThread.run(EventDispatchThread.java:84)
errors at server side :
trustStore type is : jks
init truststore
adding private entry as trusted cert: [
Version: V1
Subject: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@291aff
Validity: [From: Wed Jan 02 14:46:52 GMT+05:30 2002,
               To: Thu Jan 02 14:46:52 GMT+05:30 2003]
Issuer: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
SerialNumber: [    3c32d004 ]
Algorithm: [MD5withRSA]
Signature:
0000: 71 00 A6 5A 95 8D 02 1F FD DF 51 55 73 14 59 C2 q..Z......QUs.Y.
0010: 51 40 D5 38 BE 0C 52 17 44 01 CC 6B 72 05 69 94 [email protected].
0020: 9E 01 2D C5 E4 FF D9 B6 73 8F 0C 84 6F 2A 4B A4 ..-.....s...o*K.
0030: 42 B7 EE E2 B2 32 A6 64 28 6B A2 F1 91 A8 D2 36 B....2.d(k.....6
0040: 09 E8 50 72 1F 25 77 B5 0D 92 48 96 87 EE 76 AF ..Pr.%w...H...v.
0050: 67 FD BF 7F 77 35 36 2F F2 2F 2D 9E 1F 2C F2 8C g...w56/./-..,..
0060: BF B6 44 9F 49 EE E8 E3 13 ED EC 3D 17 1B EC 28 ..D.I......=...(
0070: 6A 37 36 37 BC C3 36 3F 76 22 FF 1C 02 AB 90 0A j767..6?v"......
trigger seeding of SecureRandom
done seeding SecureRandom
Befotre main step
Waiting for request under port
matching server alias : alias
Finalizer, SEND SSL v3.1 ALERT: warning, description = close_notify
Finalizer, WRITE: SSL v3.1 Alert, length = 2
Waiting for request under port
[read] MD5 and SHA1 hashes: len = 3
0000: 01 03 01 ...
[read] MD5 and SHA1 hashes: len = 44
0000: 00 06 00 00 00 20 00 00 09 06 00 40 3C 33 EF 34 ..... .....@<3.4
0010: 65 A8 78 56 EF AF 2F C3 4A 13 FA 49 EC DB FB 66 e.xV../.J..I...f
0020: 66 97 BC 5F 79 69 60 AD B6 21 D4 1E f.._yi`..!..
Thread-0, READ: SSL v2, contentType = 22, translated length = 45
*** ClientHello, v3.1
RandomCookie: GMT: 1009970996 bytes = { 101, 168, 120, 86, 239, 175, 47, 195, 7
4, 19, 250, 73, 236, 219, 251, 102, 102, 151, 188, 95, 121, 105, 96, 173, 182, 3
3, 212, 30 }
Session ID: {}
Cipher Suites: { 0, 9 }
Compression Methods: { 0 }
%% Created: [Session-1, SSL_NULL_WITH_NULL_NULL]
*** ServerHello, v3.1
RandomCookie: GMT: 1009970996 bytes = { 225, 193, 138, 42, 75, 55, 82, 98, 128,
65, 108, 86, 20, 94, 198, 33, 33, 115, 40, 27, 29, 0, 117, 169, 21, 60, 48, 113
Session ID: {60, 51, 239, 52, 239, 124, 121, 133, 111, 116, 246, 8, 10, 20, 99,
150, 141, 208, 153, 124, 223, 176, 115, 34, 158, 29, 153, 32, 194, 198, 217, 12
6}
Cipher Suite: { 0, 9 }
Compression Method: 0
Cipher suite: SSL_RSA_WITH_DES_CBC_SHA
*** Certificate chain
chain [0] = [
Version: V1
Subject: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@47c5fc
Validity: [From: Wed Jan 02 14:46:52 GMT+05:30 2002,
               To: Thu Jan 02 14:46:52 GMT+05:30 2003]
Issuer: CN=prasadv, OU=nms, O=mindtree, L=bangalore, ST=karnataka, C=IN
SerialNumber: [    3c32d004 ]
Algorithm: [MD5withRSA]
Signature:
0000: 71 00 A6 5A 95 8D 02 1F FD DF 51 55 73 14 59 C2 q..Z......QUs.Y.
0010: 51 40 D5 38 BE 0C 52 17 44 01 CC 6B 72 05 69 94 [email protected].
0020: 9E 01 2D C5 E4 FF D9 B6 73 8F 0C 84 6F 2A 4B A4 ..-.....s...o*K.
0030: 42 B7 EE E2 B2 32 A6 64 28 6B A2 F1 91 A8 D2 36 B....2.d(k.....6
0040: 09 E8 50 72 1F 25 77 B5 0D 92 48 96 87 EE 76 AF ..Pr.%w...H...v.
0050: 67 FD BF 7F 77 35 36 2F F2 2F 2D 9E 1F 2C F2 8C g...w56/./-..,..
0060: BF B6 44 9F 49 EE E8 E3 13 ED EC 3D 17 1B EC 28 ..D.I......=...(
0070: 6A 37 36 37 BC C3 36 3F 76 22 FF 1C 02 AB 90 0A j767..6?v"......
*** ServerHelloDone
[write] MD5 and SHA1 hashes: len = 670
0000: 02 00 00 46 03 01 3C 33 EF 34 E1 C1 8A 2A 4B 37 ...F..<3.4...*K7
0010: 52 62 80 41 6C 56 14 5E C6 21 21 73 28 1B 1D 00 Rb.AlV.^.!!s(...
0020: 75 A9 15 3C 30 71 20 3C 33 EF 34 EF 7C 79 85 6F u..<0q <3.4..y.o
0030: 74 F6 08 0A 14 63 96 8D D0 99 7C DF B0 73 22 9E t....c.......s".
0040: 1D 99 20 C2 C6 D9 7E 00 09 00 0B 00 02 4C 00 02 .. ..........L..
0050: 49 00 02 46 30 82 02 42 30 82 01 AB 02 04 3C 32 I..F0..B0.....<2
0060: D0 04 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 ..0...*.H.......
0070: 00 30 68 31 0B 30 09 06 03 55 04 06 13 02 49 4E .0h1.0...U....IN
0080: 31 12 30 10 06 03 55 04 08 13 09 6B 61 72 6E 61 1.0...U....karna
0090: 74 61 6B 61 31 12 30 10 06 03 55 04 07 13 09 62 taka1.0...U....b
00A0: 61 6E 67 61 6C 6F 72 65 31 11 30 0F 06 03 55 04 angalore1.0...U.
00B0: 0A 13 08 6D 69 6E 64 74 72 65 65 31 0C 30 0A 06 ...mindtree1.0..
00C0: 03 55 04 0B 13 03 6E 6D 73 31 10 30 0E 06 03 55 .U....nms1.0...U
00D0: 04 03 13 07 70 72 61 73 61 64 76 30 1E 17 0D 30 ....prasadv0...0
00E0: 32 30 31 30 32 30 39 31 36 35 32 5A 17 0D 30 33 20102091652Z..03
00F0: 30 31 30 32 30 39 31 36 35 32 5A 30 68 31 0B 30 0102091652Z0h1.0
0100: 09 06 03 55 04 06 13 02 49 4E 31 12 30 10 06 03 ...U....IN1.0...
0110: 55 04 08 13 09 6B 61 72 6E 61 74 61 6B 61 31 12 U....karnataka1.
0120: 30 10 06 03 55 04 07 13 09 62 61 6E 67 61 6C 6F 0...U....bangalo
0130: 72 65 31 11 30 0F 06 03 55 04 0A 13 08 6D 69 6E re1.0...U....min
0140: 64 74 72 65 65 31 0C 30 0A 06 03 55 04 0B 13 03 dtree1.0...U....
0150: 6E 6D 73 31 10 30 0E 06 03 55 04 03 13 07 70 72 nms1.0...U....pr
0160: 61 73 61 64 76 30 81 9F 30 0D 06 09 2A 86 48 86 asadv0..0...*.H.
0170: F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 ...........0....
0180: 81 00 D2 18 99 9D 29 35 BC 5F AB 80 0C 14 F2 19 ......)5._......
0190: 13 B4 27 28 B1 37 AC 8F 33 CE 2F 08 BF F0 8E 88 ..'(.7..3./.....
01A0: DA BA 40 4B 94 F6 CE CB F3 C9 79 1F 80 CD BA D9 [email protected].....
01B0: 3B 19 8C 70 37 CE E4 DD 49 C7 EF AA FC 30 87 78 ;..p7...I....0.x
01C0: BF D7 8A 68 CE 13 F2 56 8C 08 51 CB AE 17 B1 DC ...h...V..Q.....
01D0: 0B 40 E7 35 AC F6 57 16 A5 B1 AA DB 88 26 2E 6A [email protected]......&.j
01E0: 4A C7 83 45 7F 79 D2 9F 28 ED 54 28 B8 56 48 A1 J..E.y..(.T(.VH.
01F0: 0D 95 47 E0 1F DB 70 0B 38 CA E5 B7 A0 DC 3C 87 ..G...p.8.....<.
0200: BC 07 02 03 01 00 01 30 0D 06 09 2A 86 48 86 F7 .......0...*.H..
0210: 0D 01 01 04 05 00 03 81 81 00 71 00 A6 5A 95 8D ..........q..Z..
0220: 02 1F FD DF 51 55 73 14 59 C2 51 40 D5 38 BE 0C [email protected]..
0230: 52 17 44 01 CC 6B 72 05 69 94 9E 01 2D C5 E4 FF R.D..kr.i...-...
0240: D9 B6 73 8F 0C 84 6F 2A 4B A4 42 B7 EE E2 B2 32 ..s...o*K.B....2
0250: A6 64 28 6B A2 F1 91 A8 D2 36 09 E8 50 72 1F 25 .d(k.....6..Pr.%
0260: 77 B5 0D 92 48 96 87 EE 76 AF 67 FD BF 7F 77 35 w...H...v.g...w5
0270: 36 2F F2 2F 2D 9E 1F 2C F2 8C BF B6 44 9F 49 EE 6/./-..,....D.I.
0280: E8 E3 13 ED EC 3D 17 1B EC 28 6A 37 36 37 BC C3 .....=...(j767..
0290: 36 3F 76 22 FF 1C 02 AB 90 0A 0E 00 00 00 6?v"..........
Thread-0, WRITE: SSL v3.1 Handshake, length = 670
Thread-0, READ: SSL v3.1 Alert, length = 2
Thread-0, RECV SSLv3 ALERT: fatal, certificate_unknown
html file used at client side
<HTML>


<OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
WIDTH = 600 HEIGHT = 200 codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,0,0">
<PARAM NAME = CODE VALUE = Main>
<PARAM NAME = CODEBASE VALUE = . >
<PARAM NAME = machinename VALUE = "127.0.0.1" >
<PARAM NAME = port VALUE = "2002" >
<PARAM NAME="type" VALUE="application/x-java-applet;version=1.3">
<PARAM NAME="scriptable" VALUE="false">
</OBJECT>
</HTML>
Please help me to solve out this problem.
Thanks,
prasad.

Are u using MS JVM i.e default IE browser or you have installed the plug in?

Untrusted server cert chain - MI 7.1 Client PDA

Dear Expert,
I am implementing SSL security in SAP MI 7.1.
The HTTPS service is already enabled (port 443) and I can enter on via browser.
Generate a certificate and signed by the SAP test certificate for 8 weeks.
Export the certificate to the truststore file, using the command:
keytool -import -file MID.cer -keystore truststore -alias MID -storepass access
Copy the truststore file (whit certificate MID) in PDA: \MI\settings.
And also enable the parameters (in configuration.properties ):
com.sap.tc.mobile.sync.http.port=443
com.sap.tc.mobile.sync.protocol=https
com.sap.tc.mobile.sync.http.sslenabled=true
com.sap.tc.mobile.sync.https.hostnameverifying=false
com.sap.tc.mobile.sync.https.truststore=/MI/settings/truststore
But in trying to synchronize the PDA with the DOE get an error: "untrusted server cert chain"
I am using: Client MI 7.1 for PDA SP9
I have reviewed the documents: "How To Configure SSL for SAP NetWeaver Mobile 7.1 Applicable"
Check various forms, without finding a solution ...
some idea of the problem?
Thanks!!

Hi,
Follow the below given links to configure SSL
--> Making External Server Certificates Trusted
http://help.sap.com/saphelp_dm40/helpdata/en/0f/8d80f68eace441b3d1ebdc4b
2f2c81/content.htm (The link applies for PDA also)
--> Configure the below given parameters in the default.properties
com.sap.tc.mobile.sync.http.sslenabled
> Default value: True
com.sap.tc.mobile.sync.https.hostnameverifying
> Default value: True
com.sap.tc.mobile.sync.https.truststore
> Location of truststore file containing SSL certificates. If the
given location is not absolute, the system searches for the file in a
path that is relative to the installation directory.
For more details refer Note : 1312866
And follow the below given link :
http://help.sap.com/saphelp_nwmobile71/helpdata/en/06/a7d001e17b421db7e2
dd8279853971/frameset.htm
--> Even after following the above mentioned steps,Do the following :
Create the Trustsore on a PC and then use a Addon to
deploy these files to the PDA along with the SSL Libraries.
Regards,
Suma

Profile Manager Enrollment - iOS - Server Certificate Invalid

I have been getting an error trying to enroll iOS devices into profile manager. My MacBook and iMac enroll just fine. However my iPhone and iPad do not.
When I enroll my MacBook Pro, I first log into https://(FQDN)/mydevices, select profiles, Install Trusted Profile. I then go back to devices, and click 'Enroll now'. When I check the Profiles section of System Preferences, I see that the 'Trusted Profile' has added two certificates refering to my server. I can only assume one matches the Self Signed I generated shortly after making my hostname public, and the other Apple Push generated for me.
However when I do this exact same process on my iPad/iPhone, when I attempt the 'Enroll Now' step, I get the error "The server certificate for "https://(FQDN)/devicesmanagement/api/device/ota_service" is invalid.
My searches for this issue have turned up issues close to this, but never exactly this, and the solutions don't seem to work for me. Here are some key points to note:
1. Tried demoting to standalone, re-promote to OD Master, then deleted all certificates, and regenerated all (including the Push cert from Apple)
2. Ran sudo changeip -checkhostname
3. DNS routes forward and reverse correctly in my local LAN
4. I had been getting "Remote Verification failed: (os/kern) failure" / "TEAVerifyCert() returned NULL" in my logs every 3 seconds until I did the steps listed in '1'
Looking forward to 10.7.1

@hombre7777
Thanks for the info. That makes sence what you are telling me. Their instuctions are kind of bland and dont make sence as much as they should.
The only thing that scares me on this one is now we need to put a device in the dmz....
So now upgrading our xserv to 10.7 when it becomes stable would now be using the magic triangle, and trying to only have 1 to manage osx machines / and now ios devices. Edit our wiki's thats already in place, and have important databases on filemaker is now going to reside in the dmz....
So someone wasn't thinking on this one!!! haha
It looks like we will have to seperate things now, so ios devices are managed on their own machine in the dmz with now a hole leaked in the firewall for AD to authenticate so we can pull users down to associate profiles with them.
Our osx machine will then contain a seperate spot to manage osx devices bound to user accounts, as well as manage filemaker and wiki's that are in use already.
It would be nice if they had figured out a way to do this a little different so we wern't opening holes in the firewall.
The funny thing is I was able to get the ipad to bind and enroll the very first time when i was on a vpn tunnel from my house trying things out.
So I know you can do it, without having to go public, although the push service wasn't working properly and I was not able to bind osx and enroll. So i stared over.
Ill play around to see what I can figure out later. Thanks for the help. If you find out the port numbers please let me know as well! Im not able to move the box to an outside firewall right now. I have to much to do. I can probably do that next week.

Untrusted server cert chain Error

I am trying to connect to a HTTPS server using a jsp page, running JRUN 1.3 and JSSE 1.0.2.
I have an error message consistenly that says: "untrusted server cert chain".
I believe that the certificate is ok, and JSSE is configured properly.
Here is the code I am using, do you know where the preoblem is?
<html>
<%@ page import="java.io.*"%>
<%@ page import="java.net.*"%>
<%@ page import="com.sun.net.ssl.*"%>
<%@ page import="java.security.*"%>
<%@ page import="java.util.*"%>
<head>
     <title></title>
</head>
<body>
<%
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.debug", "help all");
URL thisURL=new URL("https://test.com/index.html");
URLConnection uCon= null;
uCon = (URLConnection) thisURL.openConnection();
InputStreamReader isr=new InputStreamReader(uCon.getInputStream());
BufferedReader brObject=new BufferedReader(isr);
//printing out
String line = "";
StringBuffer sb     =     new StringBuffer();
while ((line = brObject.readLine()) != null){
          sb.append(line);
sb.toString();
%>
</body>
</html>

Why dont u try to connect to
https://www.verisign.com
Code seems to be correct. If it doesnt work, mail me at
[email protected]

AnyConnect 3.1 - removing Security Warning: Untrusted VPN Server Certificate!

Hi guys,
Is there a way to disable the warning generated from using self signed certs?
I would like to make the process as seamless as possible.
AnyConnect 3.1
ASA 8.4(2)
Thanks.

Hi,
We had problem with the above error message with our certificate when we moved to AnyConnect 3.1
We were instructed to request a new one
Also here is the link to Cisco site we were provided that explains the changes in 3.1
IPSec and SSL connections require server certificates to contain Key Usage attributes of Digital Signature and Key Encipherment, as well as an Enhanced Key Usage attribute of Server Authentication or IKE Intermediate. Note that IPSec server certificates not containing a Key Usage are considered invalid for all Key Usages, and similarly an IPSec server certificate not containing an Enhanced Key Usage is considered invalid for all Enhanced Key Usages.
Link to document
http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html#wp1049936
Sadly I dont dable with certificates myself so I'm not really familiar with this.
- Jouni

Hybrid Connection fails for Windows SQL Server 2014 - SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted

Hello,
I have configured BizTalk Services Hybrid Connection between Standard Azure Website and SQL Server 2014 on premise.
Azure Management portal shows the status of Hybrid Connection as established.
However, the website throws an error when trying to open a connection
<
addname="DefaultConnection"
connectionString="Data
Source=machine name;initial catalog=AdventureWorks2012;Uid=demouser;Password=[my password];MultipleActiveResultSets=True"
providerName="System.Data.SqlClient"
/>
(The same website, with the same connection string deployed on SQL Server machine works correctly).
I tried various options with the connections sting (IP address instead of machine name, Trusted_Connection=False, Encrypt=False, etc. the result is the same
[Win32Exception (0x80004005): The certificate chain was issued by an authority that is not trusted]
[SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.
I tried various machines - on premise and a clean Azure VM with SQL Server and it results in the same error - below full stack
The certificate chain was issued by an authority that is not trusted
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ComponentModel.Win32Exception: The certificate chain was issued by an authority that is not trusted
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[Win32Exception (0x80004005): The certificate chain was issued by an authority that is not trusted]
[SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - The certificate chain was issued by an authority that is not trusted.)]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) +5341687
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) +546
System.Data.SqlClient.TdsParserStateObject.SNIWritePacket(SNIHandle handle, SNIPacket packet, UInt32& sniError, Boolean canAccumulate, Boolean callerHasConnectionLock) +5348371
System.Data.SqlClient.TdsParserStateObject.WriteSni(Boolean canAccumulate) +91
System.Data.SqlClient.TdsParserStateObject.WritePacket(Byte flushMode, Boolean canAccumulate) +331
System.Data.SqlClient.TdsParser.TdsLogin(SqlLogin rec, FeatureExtension requestedFeatures, SessionData recoverySessionData) +2109
System.Data.SqlClient.SqlInternalConnectionTds.Login(ServerInfo server, TimeoutTimer timeout, String newPassword, SecureString newSecurePassword) +347
System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) +238
System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) +892
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) +311
System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData) +646
System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) +278
System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions) +38
System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +732
System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +85
System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection) +1057
System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection) +78
System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection) +196
System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +146
System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +16
System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry) +94
System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry) +110
System.Data.SqlClient.SqlConnection.Open() +96
System.Data.EntityClient.EntityConnection.OpenStoreConnectionIf(Boolean openCondition, DbConnection storeConnectionToOpen, DbConnection originalConnection, String exceptionCode, String attemptedOperation, Boolean& closeStoreConnectionOnFailure) +44
[EntityException: The underlying provider failed on Open.]
System.Data.EntityClient.EntityConnection.OpenStoreConnectionIf(Boolean openCondition, DbConnection storeConnectionToOpen, DbConnection originalConnection, String exceptionCode, String attemptedOperation, Boolean& closeStoreConnectionOnFailure) +203
System.Data.EntityClient.EntityConnection.Open() +104
System.Data.Objects.ObjectContext.EnsureConnection() +75
System.Data.Objects.ObjectQuery`1.GetResults(Nullable`1 forMergeOption) +41
System.Data.Objects.ObjectQuery`1.System.Collections.Generic.IEnumerable<T>.GetEnumerator() +36
System.Collections.Generic.List`1..ctor(IEnumerable`1 collection) +369
System.Linq.Enumerable.ToList(IEnumerable`1 source) +58
CloudShop.Services.ProductsRepository.GetProducts() +216
CloudShop.Controllers.HomeController.Search(String SearchCriteria) +81
CloudShop.Controllers.HomeController.Index() +1130
lambda_method(Closure , ControllerBase , Object[] ) +62
System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +14
System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) +193
System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) +27
System.Web.Mvc.Async.<>c__DisplayClass42.<BeginInvokeSynchronousActionMethod>b__41() +28
System.Web.Mvc.Async.<>c__DisplayClass8`1.<BeginSynchronous>b__7(IAsyncResult _) +10
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
System.Web.Mvc.Async.<>c__DisplayClass39.<BeginInvokeActionMethodWithFilters>b__33() +58
System.Web.Mvc.Async.<>c__DisplayClass4f.<InvokeActionMethodFilterAsynchronously>b__49() +225
System.Web.Mvc.Async.<>c__DisplayClass37.<BeginInvokeActionMethodWithFilters>b__36(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
System.Web.Mvc.Async.<>c__DisplayClass2a.<BeginInvokeAction>b__20() +23
System.Web.Mvc.Async.<>c__DisplayClass25.<BeginInvokeAction>b__22(IAsyncResult asyncResult) +99
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
System.Web.Mvc.<>c__DisplayClass1d.<BeginExecuteCore>b__18(IAsyncResult asyncResult) +14
System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +23
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +55
System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +39
System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +23
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +55
System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +29
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
System.Web.Mvc.<>c__DisplayClass8.<BeginProcessRequest>b__3(IAsyncResult asyncResult) +25
System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +23
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +55
System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +31
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +9651188
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.36213
Regards,
Michal
Michal Morciniec

Same issue here, looking for more information !

Untrusted server cert chain & does not recognize the certificate authority

I have java code that makes an ssl connection to an HTTPS server.
The code workes fine when I connect to a server that has a
certificate that was issued by a recognizable authority.
But when I try to connect to our test HTTPS server which has a
certificate that was created by ourselves for debug, I get this
java exception: "untrusted server cert chain".
When I connect to our test HTTPS server with a browser, I get
this message from the browser in a popup window:
"www.xyz.com is a web site that uses a security certifcate to
identify itself. However netscape 6 does not recognize the
certificate authority that issued this certificate."
At this point I am able to accept the certificate in the popup
window and continue.
Question: In my java code how can I accept a certificate
that was signed by an unrecognizable authority just like the
browser can. Or during debug, how can I set an override
to accept ALL certs no matter what.
Thanks.....Paul

You will have to import your server test certificate into your client machine keystore. By default the keystore will be the 'cacerts' file in JAVA_HOME/jre/lib/security, get your server certificate in .pem format and use keytool to import it to the client.
keytool -import -alias <anything> -file <full path of .pem file> -keystore <full path of cacerts file>
The keystore password is 'changeit' by default, keytool comes with the JDK.
The reasoning behind this is to prevent the misuse of test certificates, the client has to consciously import an untrusted certificate. When you install a real certificate on your server the client will be automatically validated if bought from a trusted CA (Thawte, Verisign).
Take a look at the java.security.KeyStore class, you can use it to view your certificate chain.
Ronny.

Untrusted VPN Server Certificate

We just upgraded our AnyConnect to Ver 3.1.01065 and we are using a self signed cert with it. We haven't had any issues with the before but now when ever a customer logs on to the VPN using AnyConnect we get " Security warning: Untrusted VPN Server Certificate!" and it says that AnyConnect cannot verify the VPN server.
Then i can connect anyways or cancel.
Because this is my server and i trust the cert i am fine just clicking Connect anyways. My customers freak out a bit when they see this, I know this has to be a simple fix but i can't figure out how to get my local boxes to trust the cert. Has anyone run in to this with Ver 3.1.01065 and how did you fix it?
Thanks,
Jeremy

Cisco is really trying to make people stop using self-signed certificates with AC 3.1. You have to either use a trusted root CA (either private or public) or turn off the certificate checking altogether.

Security warning for any connect VPN " Untrusted VPN server Certificate"

Is there any way to disable this security warning ( " Untrusted VPN server Certificate") with self sign certificate on the ASA

Hi Anton,
Please have a look at the link below:
http://docs.acl.com/ex/300/index.jsp?topic=%2Fcom.acl.ax.exception.installguide%2Fexception%2Finstallation%2Ft_installing_the_self-signed_certificate.html
This is for IE. You should get steps for FF and CHROME out there easily as well.
Regards,
Kanwal
Note: Please mark answers if they are helpful.

Error when trying to import self signed server certificate

Hello,
When trying to load a self signed server certificate into the key store (NW2004s SPS11), I get the following exception. Here is the certificate's subject:
"/C=DE/ST=Bavaria/L=Munich/O=Nokia Siemens Networks GmbH & Co KG/OU=CDO IT MSS OMA AS1 DE/CN=carrier-mhhb3u3c.extranet.nokiasiemensnetworks.com/emailAddress=elmar.sternathatnsn.com"
caused by -
com.sap.engine.services.keystore.exceptions.BaseRemoteException: Remote call errored
     at com.sap.engine.services.keystore.impl.KeystoreManagerManagementImpl.writeEntry(KeystoreManagerManagementImpl.java:129)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58)
     at com.sap.pj.jmx.mbeaninfo.AdditionalInfoProviderMBean.invoke(AdditionalInfoProviderMBean.java:289)
     at com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944)
     at com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288)
     at com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409)
     at com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277)
     at com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258)
     at com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340)
     at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)
     at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287)
     at com.sap.engine.services.jmx.MBeanServerInvoker.invokeMbs(MBeanServerInvoker.java:131)
     at com.sap.engine.services.jmx.ClusterInterceptor.invokeMbs(ClusterInterceptor.java:212)
     at com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:766)
     at com.sap.engine.services.jmx.MBeanServerInterceptorInvoker.invokeMbs(MBeanServerInterceptorInvoker.java:102)
     at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImpl.invokeMbs(P4ConnectorServerImpl.java:61)
     at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImplp4_Skel.dispatch(P4ConnectorServerImplp4_Skel.java:64)
     at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:319)
     at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:200)
     at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:136)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Caused by: com.sap.engine.services.keystore.exceptions.BaseParameterException: Cannot perform operation - character [' '] cannot be part of view or entry alias.
     at com.sap.engine.services.keystore.impl.ParameterChecker.checkEntryName(ParameterChecker.java:251)
     at com.sap.engine.services.keystore.impl.ParameterChecker.writeEntry(ParameterChecker.java:125)
     at com.sap.engine.services.keystore.impl.KeystoreManagerManagementImpl.writeEntry(KeystoreManagerManagementImpl.java:125)
     ... 29 more

Figured it out by myself. There have been dots in the certificate's file name.
Thank you for your help,
Elmar

Error: Untrusted Server Certificate

Similar Messages

Maybe you are looking for