PKIX path building failed error when sending message from IFS Application to Boomi integration

ISSUE/QUESTION:

Getting PKIX path building failed error when sending message from IFS Application to Boomi integration. This error can be seen in Application Message. Please refer the attached screenshot for the error stack.

ExecutionException from Sender thread
Caused by: ifs.fnd.connect.senders.ConnectSender$TemporaryFailureException: Exception while sending data
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

CAUSE:

In the yaml file, the SSL certificate has been added in an incorrect format under the connect pod. (Please refer the below screenshot for the incorrect format.)

RESOLUTION/ANSWER:

Issue resolved by adding the certificate to connect pod in correct format.

You can choose any of the following 2 options. (Examples taken from documentation)

Option 01: - Adding the certificate by pasting the content of the certificate.

ifsappconnect:
certificates:
mycertintext: |
-----BEGIN CERTIFICATE-----
MIIDHzdIZ3+TSgCbI2tupJsv1FRWV3pMg3pdIGo7Ia
FyJKCqEj4rV/q7MW2a4JQJF8ykXixZ4YTLwi67VFMSfd2D516r1Xx2k617B+01dg
GRwQDY3H2NWh1QjBoyIOJKklLd/fEPzm+UU/JH8K/yBQdVZBaxw4KjU0xyqQFTd0
jhsIc1pqf2aVEsejwyNLhs9DnZyvzRBNsyvuVm//0gWV4OPDAa/i0BULgHnjJF2y
2M8H0QgLNafuaVxL2K6jArHg5JB1Qgkd7jxvmylwQhelfV86MmO9cy7f3gIRcX52
lU+UKetAgt4koD5opvDOzWtToavXGALzFjMxMN9iyGEfFf8=
-----END CERTIFICATE-----

Option 02: - Adding the certificate by providing the certificate path.

ifsappconnect:
certificates:
mycertfromfile: C:\remote\ifsroot\config\certs\mycert.crt

ADDITIONAL INFORMATION: N/A

SCRIPTS/LOGS: N/A

SOURCE: https://docs.ifs.com/techdocs/23r1/070_remote_deploy/400_installation_options/003_security/020_configure_outbound_ssl/#overview

VERIFIED: YES

Page 1 / 1

Hi @Aswin Shadhujan

I encountered the same error when attempting to use a FileReader to read a file from a Management server's folder and save the data to the database by calling a REST API.

In my scenario, it's an inbound process. However, I'm puzzled about why the sender error is displayed as your post. Is it due to my usage of the Queue? Does the Queue resend the received data? If that's the case, what steps should I take to address this issue? Thank you!

Best regards,

Feng

Hi @Aswin Shadhujan

When calling the REST API, the error you encountered was displayed in your post. Do I need to upload a certificate for this routing address? If so, please advise me on where I can obtain it.

Alternatively, do I still need to add a certificate following Option 01 or Option 02? If so, could you please inform me about the type of certificate I should obtain? Thanks!

Best regards,

Feng

Hi @feng ,

If the URL end point of a HTTP or REST routing address is secured and the SSL certificate of the relevant URL is not a trusted one, the SSL certificate can be uploaded through Routing Address view. If the SSL certificate is available for a routing address, a runtime keystore will be created with the uploaded certificate when connecting with the URL. This will ensure the secure communication between application and the URL end point.

https://docs.ifs.com/techdocs/23r1/030_administration/030_integration/300_ifs_connect/030_routing_rules_addresses/#uploading_ssl_certificate

I’ll update you on further details.

Thank you,

Aswin.

Reply

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded