SSL Certificates

SSL Certs, SSL Certificate, SSL Certificates

Securing Your Online Business

Entrust Certificate Services Support Knowledge Base

Audience: Administrator
Last Modified: 2007-02-21 14:07:35.0

TN 7068 - Why do my clients received the error X509CertChainInvalidErr

Problem:

Your client connects using Oracle forms using java initiator and cannot create an SSL Handshake. The server log reports javax.net.ssl.SSLException: SSL handshake failed: X509CertChainInvalidEr

 

Solution:

It may be possible to update the certdb.txt file which is the storage file for trusted CA roots.

According to Oracle from Oracle DOCID: Note:198992.1

Oracle does not provide this functionality.

The certdb.txt has been copied to the client manually. As an alternative it is possible to use a 3rd Party method/ mechanism.

For example:

Use the Winzip Self extractor to create a .exe which contains the Jinitiator code, the new certdb.txt and a batch file which runs the JInit install and then copies in the new certdb.txt file. (Note: WinZip self extractor has the functionality which allows the specification of a command to be run when the WinZip .exe is run - in this case the batch file)A sample batch file is mentioned in the Oracle Note 302376.1 Automating copying of signed certificates on all clients

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 1 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 1 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services Cert Admin Advantage Server Certificate 2 Year Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services EV SSL - 1 Year Version Not Applicable English Windows
  • Entrust Certificate Services EV SSL - 2 Year Version Not Applicable English Windows

SSL Certificates

buyExtended Validation (EV)

buyAdvantage SSL

buyStandard SSL

buyUnified Communications

buyCode Signing Certificates

buyAdobe CDS