PrevPrev Go to previous topic
NextNext Go to next topic
Last Post 09/12/2018 10:19 AM by  JimY
Receiving Certificate Chaining Error in Punchout for Amazon
 4 Replies
Sort:
You are not authorized to post a reply.
Author Messages
JimY
Private
Private
Veteran Member
(1194 points)
Veteran Member
Posts:428


Send Message:

--
09/12/2018 9:30 AM

    On Monday we had to apply a new certificate for Staples since then we are unable to access Amazon Punchout.  We receive the error below.  Has anyone else ran into this problem and if so what did you do to resolve it.  Amazon does not issue a certificate so the one that it is having a problem with is the server certificate and that appears to be good.  I doesn't expire until 2020.  Thank you.

    9/12/18 10:07:03:205 EDT] 00000090 ForwardReques I POST result=[Failure opening connection to https://www.amazon.com/eprocurement/punchout. com.ibm.jsse2.util.n: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: 
    java.security.cert.CertPathValidatorException: The certificate issued by CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US is not trusted; internal cause is: 
    java.security.cert.CertPathValidatorException: Certificate chaining error
    ]

    DennisD
    Application Engineer
    Private
    Basic Member
    (10 points)
    Basic Member
    Posts:4


    Send Message:

    --
    09/12/2018 9:50 AM

    We don't punchout to Amazon, so I cant speak to the issue you're having.   However, we did have to apply new Staples certificates yesterday.  Staples said an email was sent an advance of this change.  Apparently, this notice never found its way to the IT department.

     

    Good luck.

    Kwane McNeal
    Private
    Private
    Veteran Member
    (1266 points)
    Veteran Member
    Posts:422


    Send Message:

    --
    09/12/2018 9:53 AM
    Jim,
    Seems like you need to add the root cert to the keystore. Have you tried that, and did it work?
    JimY
    Private
    Private
    Veteran Member
    (1194 points)
    Veteran Member
    Posts:428


    Send Message:

    --
    09/12/2018 9:57 AM
    We received the email back in August, unfortunately I lost track of it and on Monday no one could access Staples. Now we can't access Amazon after applying it. The root cert was added. I also deleted it and re added it. Still receiving the error. Thank you for the responses.
    JimY
    Private
    Private
    Veteran Member
    (1194 points)
    Veteran Member
    Posts:428


    Send Message:

    --
    09/12/2018 10:19 AM
    Thanks to a suggestion on the Infor Communities I was able to resolve this issue. I ended up using the URL www.amazon.com and retrieving from port using 443. It's strange that I didn't have to do this before. Thank you for helping.
    You are not authorized to post a reply.