I'm trying to stand up a development machine with Enterprise Builder and Workflow manager installed. I've got everything installed and a domain certificate in place and all appears to be working and I'm not receiving any certificate errors when opening portal / server / workflow manager URLs. But when I try to create a new workflow item I receive the following
Reviewing the ArcGIS Server logs, I see the following errors. I have no idea how to resolve this issue. Anyone know what causes this?
SEVERE Nov 21, 2023, 9:03:36 AM ! @83j0ah0o9 - Internal server error, for (POST) [/workflow/admin/createWorkflowItem?name=testing&token=APplxCQbMKWhcBGHyG7G86ZByMBTxYP6yXnsgWPyb3fSN9CIX2y8-kufo4JCReh8hLazjEj6ZnjzEbiLrVTuU3SWTH7hrN-JlR4BqXlHWp45M9bWWAx2prm25Aqyd6W1Vg2BEZibH6NaXH9Fs_1xOTa-siDlEthZhf4P9eFce-SLhTJO93ShjPqYcT_lBLMzXX4Azei52BsCsP-hJoW_fwr95ki1ye_1ArP9vt2GGe1SMC77y-OJI1pXsiUS7qPnqGwMEL8vewoG_hsc6cXtJQ..] -> play.api.UnexpectedException: Unexpected exception[ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 4] at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:358) Caused by: java.net.ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:179) Caused by: javax.net.ssl.SSLHandshakeException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source) Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:89) WorkflowManager
WARNING Nov 21, 2023, 9:03:36 AM Exception thrown during asynchronous load java.net.ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:179) Caused by: javax.net.ssl.SSLHandshakeException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source) Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:89) WorkflowManager
SEVERE Nov 21, 2023, 9:03:16 AM ! @83j0afobd - Internal server error, for (GET) [/workflow/checkStatus?token=APplxCQbMKWhcBGHyG7G86ZByMBTxYP6yXnsgWPyb3fSN9CIX2y8-kufo4JCReh8hLazjEj6ZnjzEbiLrVTuU3SWTH7hrN-JlR4BqXlHWp45M9bWWAx2prm25Aqyd6W1Vg2BEZibH6NaXH9Fs_1xOTa-siDlEthZhf4P9eFce-SLhTJO93ShjPqYcT_lBLMzXX4Azei52BsCsP-hJoW_fwr95ki1ye_1ArP9vt2GGe1SMC77y-OJI1pXsiUS7qPnqGwMEL8vewoG_hsc6cXtJQ..] -> play.api.UnexpectedException: Unexpected exception[ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 4] at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:358) Caused by: java.net.ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:179) Caused by: javax.net.ssl.SSLHandshakeException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source) Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:89) WorkflowManager
WARNING Nov 21, 2023, 9:03:16 AM Exception thrown during asynchronous load java.net.ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:179) Caused by: javax.net.ssl.SSLHandshakeException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source) Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 4 at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:89) WorkflowManager
Solved! Go to Solution.
After working with customer support, they let me know that the certificates have to be assigned in ArcGIS Server, and Portal admin URLs. I had assigned the certificate to the ArcGIS Server admin URL (https://kfoster.kf.udc/server/admin/machines/KFOSTER.KF.UDC) but I also had to import and assign the certificate to the portal admin URL (https://kfoster.kf.udc/portal/portaladmin/security/sslCertificates)
Once the certificate was imported and assigned to portal as well, the workflow was created successfully with no more errors.
After working with customer support, they let me know that the certificates have to be assigned in ArcGIS Server, and Portal admin URLs. I had assigned the certificate to the ArcGIS Server admin URL (https://kfoster.kf.udc/server/admin/machines/KFOSTER.KF.UDC) but I also had to import and assign the certificate to the portal admin URL (https://kfoster.kf.udc/portal/portaladmin/security/sslCertificates)
Once the certificate was imported and assigned to portal as well, the workflow was created successfully with no more errors.