I am setting up a KEYRING and certificates for TN3270 and getting handshake error "To resolve the handshake error 'The certificate chain was issued by an authority that is not trusted.". What can caused this?

Document ID : KB000028864
Last Modified Date : 14/02/2018
Show Technical Document Details

To resolve the handshake error 'The certificate chain was issued by an  authority that is not trusted.' there are two options:

  1. The Server certificate's signing certificate can be EXPORTed from the ACF2 database and deployed to the PC(s) and imported into the PC(s) applilcation's keystore.                                                               
  2. The Server certificate can be signed by an external popular CA, the returned signed Server certificate can be INSERTed into the ACF2 database along the the signing external CA Certauth certificate. Since the popular common external CERTAUTH certificates already exist in most keystores on the PC, deployment to the Client is usually necessary.