Discussion

397
Views
Marissa Rogers (MarissaRogers)
MOD
Senior Community Moderator
Pegasystems Inc.
US
MarissaRogers Member since 2015 137 posts
MOD
Posted: October 28, 2016
Last activity: November 2, 2016
Posted: 28 Oct 2016 13:42 EDT
Last activity: 2 Nov 2016 11:06 EDT
Closed

NOTICE: Mobile Build Server Requires Secure Connection

The Mobile Build Server operates via SSL and any Pega 7 server connectinng to needs to have the GoDaddy Root Certificate Authority installed on its system.

Follow the information below to understand how to install the GoDaddy Certificate Authority on your Pega 7 server.

This issue will come up with attempting to build a custom mobile application for iOS or Android. You may notice the following entries in your Pega 7 log files. 

2016-10-25 17:14:14,758 [.PegaWorkManager : 1] [  STANDARD] [ ] [        SSL:01.01.01] (.ssl.CompositeX509TrustManager) DEBUG  Admin@GCS - certificate not trusted by TrustManager: com.ibm.jsse2.yc@6b3a0fe7

  1. com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:

java.security.cert.CertPathValidatorException: The certificate issued by CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US is not trusted; internal cause is:

java.security.cert.CertPathValidatorException: Certificate chaining error

or 

2016-08-24 12:22:22,858 [  PegaRULES-Batch-1] [  STANDARD] [  BeCounted:01.01.01] (nvoke.Rule_Connect_REST.Action) ERROR  lakem -  com.pega.pegarules.pub.services.ConnectorException: Caught unhandled exception: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

The default path to the trust store on your Pega 7 server will most likely be located here:

In order to check if cacerts contains required entry execute the following. This command will list all entries, so you should search/grep for Go Daddy Root Certificate Authority - G2.

If you want to use truststore different than java one see (especially parts related to truststoreFile), see also:

 

***Thank you to Wieslaw Bondyra for this information***

Mobile
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Discussion, please write a new Discussion.