After Configuring Spectrum for SSL it now shows "Unable to Contact" in the CAPC data source list

Document ID : KB000032485
Last Modified Date : 14/02/2018
Show Technical Document Details


After configuring Spectrum to use SSL, while CAPC is not configured to use SSL, the Spectrum data source shows as "Unable to Contact" in the CAPC data source list

In the PCService.log you will see an error that looks like this:

ERROR | qtp559824849-30    | 2015-01-09 12:04:09,957 |          


      | Received WebServiceException from version check for data source Spectrum Infrastructure SSLHandshakeException invoking PKIX path building failed: unable to find valid certification path to requested target. MESSAGE=Could not send Message..  Returning DS_COMM_FAILURE result.



All CAPC environments

All Spectrum environments



The Spectrum SSL cert has not been imported into the CAPC keystore



To resolve this issue you must import the Spectrum SSL cert into the CAPC keystore:

After configuring Spectrum to use SSL take the $SPECROOT/custom/keystore/cacerts file and move it over to the CAPC server. You can put it in the /opt/CA/jre/lib/security/ directory on the CAPC server  The cacerts file is the Spectrum keystore file to which certs are imported for configuring SSL.  Now do the following:

  1. Log on to the CAPC
  2. cd /opt/CA/jre/bin/
  3. Run the following command:  ./keytool -keystore /opt/CA/jre/lib/security/cacerts -storepass <password> -alias <alias> -importcert -file <cert name>.cer  -trustcacerts
  4. Kick off a full synch of the Spectrum data source

The Spectrum data source should now successfully synch in CAPC