Certificate Chain Error while adding and Fetching SOAP operation

* Able to add the Secure SOAP WebService (https://webserviceurl.wsdl) Integration Service successfully, after importing the (trusting) the Root & Intermediate certificates of the WebService host's certificate in Java's cacerts and WebSphere's TrustStore.

* And Able to view the list of operation's as per the WSDL

But when I add the operation and Fetch response, getting the below.

Kindly check and advise.

Exception

{

"ErrorCode": "9001",

"ErrorMessage": "IOException occurred for service ping while obtaining response: com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: \n\tjava.security.cert.CertPathValidatorException: The certificate issued by CN=ABCD-SDC, DC=ABCDE, DC=com is not trusted; internal cause is: \n\tjava.security.cert.CertPathValidatorException: Certificate chaining error"

}

Hi ,

Please go to admin console -> settings -> SSL certificates tab and add your backend service host's SSL certificate and check.

Hi,

Thanks for your information. This setting has been verified already.

Additional to that, the certificates were Trusted in the "cacerts" keystore file in (WebSphere profile's) JAVA path.

The below points might be useful for others.

1) As H**** mentioned, Please go to admin console -> settings -> SSL certificates tab and add your backend service host's SSL certificate and check.

2) Import the ROOT certificate in the Keystore of Java (/opt/IBM/Java/jre/lib/security/cacerts) by using keytol command.

keytool -v -keystore ./cacerts -importcert -trustcacerts -file /tmp/Certs/Root_cert.cer -alias Trust_Root

Note: If your WebSphere profile has multiple member (Servers), this above import certificate to be done in all servers.

I have missed to add this certifcate in the second server caused an issue. Once I added to the second server my issue has been resolved.