Hello All,

I meet an issue since I configure Identity Governance to be accesses with SSL.

My authentication server is installed on a separated server with Identity Application and SSPR. SSL is enabled on this server and I can log in to SSPR and Identity Application without issue.

When I logged to IG, I have the following issue : An error occured while attempting to contact the authentication service.

I checked the logs on both servers and I found this issue on OSP log:
Code:
Preamble: [OIDP]
Priority Level: SEVERE
Java: internal.osp.oidp.service.authentication.classes.sspr.SSPRChecksClass.needToCheck() [206] thread=localhost-startStop-1
Time: 2018-02-21T20:26:06.366+0100
Log Data: Level: SEVERE
Code: internal.osp.oidp.service.authentication.classes.sspr.SSPRChecksClass.needToCheck() [205]
Thread: https-jsse-nio-8443-exec-2
Correlation Id: 36180125-1896-4eba-aa22-d061b32d1443
Text: Error occurred in Get Status request to SSPR:
Error: javax.net.ssl.SSLHandshakeException
java.security.cert.CertificateException: Untrusted Certificate-chain
java.security.cert.CertificateException
Untrusted Certificate-chain
sun.security.ssl.Alerts: Alerts.java: getSSLException: 192
sun.security.ssl.SSLSocketImpl: SSLSocketImpl.java: fatal: 1,959
sun.security.ssl.Handshaker: Handshaker.java: fatalSE: 302
sun.security.ssl.Handshaker: Handshaker.java: fatalSE: 296
sun.security.ssl.ClientHandshaker: ClientHandshaker.java: serverCertificate: 1,514
On the server with OSP, UserApp and SSPR, I used a custom keystore with following certificate:
- CA certificate
- Private Key
- Public Key
- Public Key of IG server

On the server with IG, I used a custom keystore with following certificate:
- CA certificate
- Private Key
- Public Key
- Public Key of OSP server

Does someone have any ideas ?

Thanks in advance for your help.