<div dir="ltr">Hi Esteban,<div><br></div><div>I am using tomcat which is embraced on midpoint. I have added office certificate on  midpoint Keystore and Root CA Certificate of Java. Have you been using Office365 connector? if yes, Which version?</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 20 June 2018 at 16:57, Jeria, Esteban <span dir="ltr"><<a href="mailto:esteban.jeria@cgi.com" target="_blank">esteban.jeria@cgi.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">





<div lang="FR-CA" link="blue" vlink="purple">
<div class="m_-5748936313321596479WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi Fabio,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Check the config for tomcat (catalina.sh or setenv.sh), if it is correctly pointing to the midPoint keystore path.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Have you used the option -trustcacerts when adding the certificate to ensure to trust it.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">You can also try by adding the root CA certificate instead.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.5pt;font-family:"Calibri Light","sans-serif";color:blue;background:white">Esteban Jeria</span></b><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:blue;background:white"><u></u><u></u></span></p>
<p class="MsoNormal"><span lang="FR" style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:blue;background:white"><a href="mailto:esteban.jeria@cgi.com" target="_blank"><span lang="EN-US" style="font-family:"Calibri Light","sans-serif"">esteban.jeria@cgi.com</span></a></span><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:blue;background:white"><br>
</span><span lang="EN-US" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:black;background:white">Conseil</span><span lang="FR" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:black;background:white">ler
</span><b><span lang="FR" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:red;background:white">CGI</span></b><span lang="FR" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:black;background:white"> / </span><b><span lang="FR" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:red;background:white">CGI</span></b><span lang="FR" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:black;background:white">
 Consultant</span><span lang="FR" style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:blue;background:white"><u></u><u></u></span></p>
<p class="MsoNormal"><span lang="FR" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:black;background:white">Sécurité - Gestion des Identités et des Accès / Security - Identity and Access Management<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="FR" style="font-size:9.5pt;font-family:"Calibri Light","sans-serif";color:black;background:white">514-415-3000 ext.1018296</span><span lang="FR" style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:blue;background:white"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Fabio Medeiro [mailto:<a href="mailto:fabio.medeiro@worldnettps.com" target="_blank">fabio.medeiro@<wbr>worldnettps.com</a>]
<br>
<b>Sent:</b> Wednesday, June 20, 2018 4:22 AM<br>
<b>To:</b> <a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><br>
<b>Subject:</b> [midPoint] Erro Office365 Connector<u></u><u></u></span></p><div><div class="h5">
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<table class="m_-5748936313321596479MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;border-collapse:collapse">
<tbody>
<tr>
<td style="padding:0cm 0cm 7.5pt 0cm">
<p style="margin-right:0cm;margin-bottom:0cm;margin-left:0cm;margin-bottom:.0001pt;line-height:15.0pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">I was using office365 connector on midpoint 3.7, when last week it stopped working and starting show error bellow.<br>
2018-06-19 16:47:17,726 [] <span class="m_-5748936313321596479gmail-m2004726199105966151error">[http-nio-8080-exec-10]</span> <wbr>INFO (com.evolveum.midpoint.<wbr>provisioning.impl.<wbr>ConnectorManager): Created new connector instance for ConnectorSpec(resource:<wbr>fdb1aac3-b520-4773-948f-<wbr>6835a9232478(Office
 365 Connector), name=null, oid=9b7beed5-eda4-4802-a36a-<wbr>fece9adeb888): org.identityconnectors.<wbr>office365.Office365Connector v1.2.0.0-SNAPSHOT<br>
2018-06-19 16:47:18,499 [] <span class="m_-5748936313321596479gmail-m2004726199105966151error">[http-nio-8080-exec-10]</span> <wbr>ERROR (org.identityconnectors.<wbr>office365.Office365Connection)<wbr>: method: null msg:Error creating token, error javax.net.ssl.<wbr>SSLHandshakeException: sun.security.validator.<wbr>ValidatorException:
 PKIX path building failed: sun.security.provider.<wbr>certpath.<wbr>SunCertPathBuilderException: unable to find valid certification path to requested target<br>
2018-06-19 16:47:18,529 [] <span class="m_-5748936313321596479gmail-m2004726199105966151error">[http-nio-8080-exec-10]</span> <wbr>ERROR (org.identityconnectors.<wbr>office365.Office365Connection)<wbr>: method: null msg:Error creating token, error javax.net.ssl.<wbr>SSLHandshakeException: sun.security.validator.<wbr>ValidatorException:
 PKIX path building failed: sun.security.provider.<wbr>certpath.<wbr>SunCertPathBuilderException: unable to find valid certification path to requested target<br>
2018-06-19 16:47:18,548 [] <span class="m_-5748936313321596479gmail-m2004726199105966151error">[http-nio-8080-exec-10]</span> <wbr>ERROR (org.identityconnectors.<wbr>office365.Office365Connection)<wbr>: method: null msg:Error creating token, error javax.net.ssl.<wbr>SSLHandshakeException: sun.security.validator.<wbr>ValidatorException:
 PKIX path building failed: sun.security.provider.<wbr>certpath.<wbr>SunCertPathBuilderException: unable to find valid certification path to requested target<br>
2018-06-19 16:47:18,569 [] <span class="m_-5748936313321596479gmail-m2004726199105966151error">[http-nio-8080-exec-10]</span> <wbr>ERROR (org.identityconnectors.<wbr>office365.Office365Connection)<wbr>: method: null msg:Error creating token, error javax.net.ssl.<wbr>SSLHandshakeException: sun.security.validator.<wbr>ValidatorException:
 PKIX path building failed: sun.security.provider.<wbr>certpath.<wbr>SunCertPathBuilderException: unable to find valid certification path to requested target<br>
2018-06-19 16:47:18,995 [] <span class="m_-5748936313321596479gmail-m2004726199105966151error">[http-nio-8080-exec-10]</span> <wbr>ERROR (org.identityconnectors.<wbr>office365.Office365Connection)<wbr>: method: <span class="m_-5748936313321596479gmail-m2004726199105966151error">[null, IOE Error doing getRequest to
 path /tenantDetails?api-version=<wbr>2013-11-08]</span> msg:{}<br>
javax.net.ssl.<wbr>SSLHandshakeException: sun.security.validator.<wbr>ValidatorException: PKIX path building failed: sun.security.provider.<wbr>certpath.<wbr>SunCertPathBuilderException: unable to find valid certification path to requested target<u></u><u></u></span></p>
<p style="margin-right:0cm;margin-bottom:0cm;margin-left:0cm;margin-bottom:.0001pt;line-height:15.0pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">I have upgrade midpoint 3.7.1, 3.7.2, 3.8 .The cert is installed on midpoint and on java truestore and I am still getting some error. <br>
Does anyone have idea what it can be?<u></u><u></u></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p><span lang="EN-GB" style="font-size:10.0pt">Kind Regards</span><span style="font-size:9.5pt"><u></u><u></u></span></p>
<p><span lang="EN-GB" style="font-size:10.0pt">Fabio Medeiro</span><span style="font-size:9.5pt"><u></u><u></u></span></p>
<p><span lang="EN-GB" style="font-size:10.0pt"> </span><span style="font-size:9.5pt">IT Helpdesk<u></u><u></u></span></p>
<p><span style="font-size:9.5pt"><img border="0" width="200" height="34" id="m_-5748936313321596479_x0000_i1025" src="cid:image001.png@01D4088D.15CFAE10" alt="/Users/dmcsharry/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_464034326"><u></u><u></u></span></p>
<p><span lang="EN-GB" style="font-size:10.0pt">Hibernia House,</span><span style="font-size:9.5pt"><u></u><u></u></span></p>
<p><span lang="EN-GB" style="font-size:10.0pt">Cherrywood Business Park,</span><span style="font-size:9.5pt"><u></u><u></u></span></p>
<p><span lang="EN-GB" style="font-size:10.0pt">Loughlinstown, Co. Dublin D18 E440</span><span style="font-size:9.5pt"><u></u><u></u></span></p>
<p><span lang="EN-GB" style="font-size:10.0pt">Office: <a href="tel:+353%201%20531%200901" target="_blank"><span style="color:#1155cc">+353 (1) 531 0901</span></a></span><span style="font-size:9.5pt"><u></u><u></u></span></p>
<p><span lang="EN-GB" style="font-size:10.0pt">Website: <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.worldnettps.com_&d=DwMFaQ&c=H50I6Bh8SW87d_bXfZP_8g&r=3iM986yl1CVC_rjHiE-INe9tiSAFCd7Ih6_50tgvu0w&m=JzNjQ4xA7QDXexG84xwhTMGamLesXbyrV0ZkoyX5M2k&s=kevpytUPTyrDLKHhbsMnPaknp8E-XB31OPnGKK4KSAo&e=" target="_blank"><span style="color:#0563c1">www.worldnettps.com</span></a>  </span><span style="font-size:9.5pt"><u></u><u></u></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div></div></div>
</div>

<br>______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><br><div style="font-size:12.8px"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div><div><p><span lang="EN-GB" style="font-size:10pt">Kind Regards<u></u><u></u></span></p><p><span lang="EN-GB" style="font-size:10pt">Fabio Medeiro<u></u></span></p><p><span lang="EN-GB" style="font-size:10pt"> </span>IT Helpdesk</p><p><img width="200" height="34" src="cid:image001.png@01D3AFAC.1F980AD0" alt="/Users/dmcsharry/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_464034326" style="font-size:10pt;width:2.0833in;height:0.3541in"><br></p><p><span lang="EN-GB" style="font-size:10pt">Hibernia House,<u></u><u></u></span></p><p><span lang="EN-GB" style="font-size:10pt">Cherrywood Business Park,<u></u><u></u></span></p><p><span lang="EN-GB" style="font-size:10pt">Loughlinstown, Co. Dublin D18 E440<u></u><u></u></span></p><p><span lang="EN-GB" style="font-size:10pt">Office: <a href="tel:+353%201%20531%200901" value="+35315310901" style="color:rgb(17,85,204)" target="_blank">+353 (1) 531 0901</a><u></u><u></u></span></p><p><span lang="EN-GB" style="font-size:10pt">Website: <a href="http://www.worldnettps.com/" style="color:rgb(17,85,204)" target="_blank"><span style="color:rgb(5,99,193)">www.worldnettps.com</span></a>  </span></p></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>