Certificate validation failure in production

Apr 19, 2013 at 5:01 AM
Hi.

Does anyone know if there has been a recent change in the platform.healthvault.com certificate? Recently my application is failing when it wants to sync its data with HealthVault and I get

sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

Many thanks,
Ali.
Apr 24, 2013 at 4:30 PM
Hey Ali,

I have been seeing the same issue the past few days when trying to perform drop-offs. The issue is intermittent. Sometimes I get the same exception as you noted above:

sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

Other times I'll see this one:

Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

I assume the root cause is the same. I have retries built in. Sometimes the same request will go through fine on the 2nd or 3rd retry, sometimes not.

I came across this post from 2006 http://social.msdn.microsoft.com/Forums/en-US/adcenterdev/thread/c36663e3-726b-4ccd-a0fe-9a1f0fd0fe38/ which recommends manually importing the SSL certificate using keytool. I have done this on a test system and it appears to resolve the issue. But I am not 100% sure as the issue is intermittent for me.

Regards,
BJ
Coordinator
May 6, 2013 at 6:05 PM
Hi all,

Yes, the SSL certificates were misconfigured at HV for a while. The issue has been resolved.

--Rob