Issue:
Workflow notificaiton mailer is not sending emails to recipients and getting below exception in logs.
Problem getting the HTML content -> oracle.apps.fnd.wf.mailer.NotificationFormatter$FormatterSAXException:
Problem obtaining the HTML content -> oracle.apps.fnd.wf.common.HTTPClientException: Unable to invoke method HTTPClient.HTTPConnection.Get caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Cause:
Due to self-signed certificate
Solution:
a. copy the root and intermediate certificates of EBS login url (LB URL) to app server.
b. Import the certificate into cacerts
1.cd $COMMON_TOP/util/jdk32/jre/lib/security
2.chmod u+w cacerts
3.keytool -import -alias ApacheRootCA -file ca.crt -v -keystore cacerts
4.keytool -import -alias ApacheInterA -file ca.crt -v -keystore cacerts
5.chmod u-w cacerts
c. Please follow the step b (2-5) in the below locations as well.
$COMMON_TOP/util/jdk64/jre/lib/security/
<s_fmw_jdktop>/jre/lib/security
s_fmw_jdktop - grep the value from context_file
d. Import the root & inter ca in the below file.
cat ca.crt >> <10.1.2 ORACLE_HOME>/sysman/config/b64InternetCertificate.txt
cat intca.crt >> <10.1.2 ORACLE_HOME>/sysman/config/b64InternetCertificate.txt
e. Bounce the workflow services.
Workaround:
Alternatively , We can Change the "WF: Workflow Mailer Framework Web Agent" [WF_MAIL_WEB_AGENT] profile option to point to the physical Web Server host address - http://<host>.<domain>:<port> and rebuild the workflow mailer queue.
No comments:
Post a Comment