[midPoint] R: The validation of the certificate doesn't work with Microsoft Graph API Connector

Alessia Zuin alessia.zuin at innovery.net
Tue Oct 26 12:23:40 CEST 2021 

Hi Macik,

thank you for the help.
I followed what you said and now the connector it’s working correctly.


Best Regards,

[cid:image001.jpg at 01D7CA64.4E1B20A0]
ALESSIA ZUIN
MAIL: ALESSIA.ZUIN at INNOVERY.NET<mailto:ALESSIA.ZUIN at INNOVERY.NET>
PHONE: +39  06 51963439

WWW.INNOVERY.NET<http://www.innovery.net/>
STRADA QUATTRO SNC, PAL A6
CENTRO DIREZIONALE MILANOFIORI | 20057 ASSAGO (MI)

[cid:image002.jpg at 01D7CA64.4E1B20A0]
This e-mail and any attachments is confidential and may contain privileged information intended for the addressee(s) only. Dissemination, copying, printing or use by anybody else is unauthorized. If you are not the intended recipient, please delete this message and any attachments and advise the sender by return e-mail, Thanks. Respect the environment. Do not print this mail if it is not necessary.

Da: Matus Macik <matus.macik at evolveum.com>
Inviato: martedì 26 ottobre 2021 10:26
A: midPoint General Discussion <midpoint at lists.evolveum.com>
Cc: Andrea Picconi <andrea.picconi at innovery.net>; Alessia Zuin <alessia.zuin at innovery.net>
Oggetto: Re: [midPoint] The validation of the certificate doesn't work with Microsoft Graph API Connector

Hi Andrea,

I am currently working on some demonstration regarding the connector and I found that the following certificates are the right ones to use regarding this connector:
- DigiCert Global Root CA
- DigiCert Global Root G2

Just add them to the midPoint keystore and restart midPoint.

I hope this helps.

________________________________
From: "midPoint General Discussion" <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
To: "midPoint General Discussion" <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Cc: "Andrea Picconi" <andrea.picconi at innovery.net<mailto:andrea.picconi at innovery.net>>, "Alessia Zuin" <alessia.zuin at innovery.net<mailto:alessia.zuin at innovery.net>>
Sent: Tuesday, October 26, 2021 10:13:48 AM
Subject: [midPoint] The validation of the certificate doesn't work with Microsoft Graph API Connector

Hi all,

I'm testing the Microsoft Graph API Connector to be able to connect Midpoint with Azure, but I have some problems with the certificate that Midpoint is using to create a secure connection to comunicate with Azure.
I have install the connector inside the correct folder, I have create the certificate .der and put it inside the keystore of Midpoint but it wasn't working, so after that I have added that certificate inside the keystore of the jvm that Midpoint use at the start up. After this I have resterted the virtual machine but I still get the same error.

Here, the error:
"org.identityconnectors.framework.common.exceptions.ConnectionFailedException(java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)->java.util.concurrent.ExecutionException(javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)->javax.net.ssl.SSLHandshakeException(PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)->sun.security.validator.ValidatorException(PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)->sun.security.provider.certpath.SunCertPathBuilderException(unable to find valid certification path to requested target)"

Any idea?

Thank you and regards,
Andrea



_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
https://lists.evolveum.com/mailman/listinfo/midpoint

--
Best Regards,

Matus Macik | Developer and Identity Management Engineer
matus.macik at evolveum.com<mailto:matus.macik at evolveum.com> | www.evolveum.com<http://www.evolveum.com>
Evolveum
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20211026/96db36ab/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 2584 bytes
Desc: image001.jpg
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20211026/96db36ab/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 1987 bytes
Desc: image002.jpg
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20211026/96db36ab/attachment-0003.jpg>

More information about the midPoint mailing list