We have a new 3rd party Service Provider we are trying to configure
Access Manager to use (as the Identity Provider), but it seems to be
failing with:

> X509 Certificate Validation Root Exception:
> com.novell.nidp.NIDPException: No issuer certificate for certificate in
> certification path found.
> Root Cause: java.security.cert.CertPathBuilderException: No issuer
> certificate for certificate in certification path found.

I've read over the documentation http://tinyurl.com/ooydhrm and even
used some existing Service Provider configurations as guidelines, but I
just can't seem to get this one working. Nor, can I find any decent
documentation/troubleshooting steps. Any ideas where to start with this
one? I've tried to walk through the steps, one at a time:

1.) Went to Identity Servers -> Servers -> Edit -> Security -> Trust
Stores -> NIDP Trust Store, and manually imported the Service Provider's
trusted root certificate. Everything appears to imported correctly, and
I see the "Ping Identity" Issuer. Never heard of Ping Identity, but
that part seems to work.

2.) Went to Identity Servers -> Servers -> Edit -> SAML 2.0 -> New ->
Service Provider. Gave it a name, and manually added the XML data.

3.) On the Service Provider's website, I pointed their settings at:

Once clicking OK a few times and updating the services, the Health goes
to a Warning state, and I see the above errors.

Did I miss a step?

DBray925's Profile: https://forums.netiq.com/member.php?userid=173
View this thread: https://forums.netiq.com/showthread.php?t=47838