Certificate chaining error

During an LSF outage, we checked the latest logs and saw security_authen.log was updated. It showed a number of errors that a certificate was not trusted. We checked the trusted certificates and saw that the certificate and related certificates were all trusted. So why was the error returned?

Scroll further down the log list to ladb.log. You may see that there is a GEN failed message. Verify that the GEN database really is available by connecting to it directly with a database utility like SQL Studio. Then verify that the gen database connection info is correct in LAWDIR\gen\MICROSOFT. If you are using SERVICENAME to lookup the password, you may want to test commenting out the service name and including the id/password in the file and secure the file. Restart the server and test the portal.

 

SECURITY_AUTHEN.LOG

Caused by: java.security.cert.CertPathValidatorException: The certificate issued by CN=PKIROOT-01-CA is not trusted; internal cause is:

java.security.cert.CertPathValidatorException: Certificate chaining error

at com.ibm.security.cert.BasicChecker.<init>(BasicChecker.java:111)

at com.ibm.security.cert.PKIXCertPathValidatorImpl.engineValidate(PKIXCertPathValidatorImpl.java:199)

at java.security.cert.CertPathValidator.validate(CertPathValidator.java:278)

at com.ibm.jsse2.util.f.a(f.java:14)

… 68 more

Caused by: java.security.cert.CertPathValidatorException: Certificate chaining error

at com.ibm.security.cert.CertPathUtil.findIssuer(CertPathUtil.java:316)

at com.ibm.security.cert.BasicChecker.<init>(BasicChecker.java:108)

… 71 more

 

LADB.LOG
DBDataAreaFactory_1 Create of kind “GEN” failed.
java.lang.UnsatisfiedLinkError: com/lawson/rdtec
h/db/api/DBJni.jniTsDBConnect(I)Ljava/lang/Integer;
DBDataAreaFactory_1 Create of kind “GEN” failed.java.lang.UnsatisfiedLinkError: com/lawson/rdtech/db/api/DBJni.jniTsDBConnect(I)Ljava/lang/Integer;

 

MICROSOFT
#LAWGATENAME=msfdb2000
DBSERVER=lawdbserver
DBNAME=LAWGEN
#SERVICENAME=DBGEN
LOGINNAME=lawson
PASSWORD=lkaj7fde#%&hdsw
SCHEMA=dbo
FILEGROUPS=FALSE
#DEBUG=TRUE

 

PORTAL