javax.net.ssl.SSLHandshakeException: null cert chain

Document created by sheng_liao462475 Employee on Nov 3, 2016Last modified by chris_stevens on Nov 7, 2016
Version 2Show Document
  • View in full screen mode

Error

javax.net.ssl.SSLHandshakeException: null cert chain

Cause

"null cert chain" error usually indicates bad certificate or certificate is not added correctly.

 

Troubleshoot

  1. On Atom Management page Shared Web Server - User Management tab, check if the SSL client certificate is added for the user.
  2. Add the below line to atom.vmoptions files and restart the atom.
    -Djavax.net.debug=all
    This will give you more details of error "null cert chain" in container logs. Just remember to remove the above line from atom.vmoptions files and restart the atom afterwards.
  3. Search for null cert chain error in container logs and see if there are entries like this.
    [sun.security.ssl.HandshakeMessage$CertificateMsg print] *** Certificate chain
    [sun.security.ssl.HandshakeMessage$CertificateMsg print] <Empty>
    javax.net.ssl.SSLHandshakeException: null cert chain
    [sun.security.ssl.SSLEngineImpl sendAlert] , SEND TLSv1 ALERT:
    [sun.security.ssl.SSLEngineImpl sendAlert] fatal,
    [sun.security.ssl.SSLEngineImpl sendAlert] description = bad_certificate
  4. Re-generate the SSL certificate and re-import the cert to Boomi.

Attachments

    Outcomes