Access Keys:
Skip to content (Access Key - 0)

Knowledgebase

GSS API - Bad Certificate Error Solution

Error

The following error is found in the Tomcat logs when Tomcat starts up, a user tries to log in, or users are attempting to exchange messages:

AxisFault
faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: org.globus.common.ChainedIOException: Authentication
failed \[Caused by: Failure unspecified at GSS-API level \[Caused by:
Bad
certificate (The signature of
'O=NIH,OU=NCI,OU=NCICB,OU=caGrid,CN=host/cbiovdev5035.nci.nih.gov'
certificate does not match its issuer)\]\]
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:Authentication failed.
Caused by Failure unspecified at GSS-API level. Caused by
COM.claymoresystems.ptls.SSLThrewAlertException: Bad certificate (The
signature of
'O=NIH,OU=NCI,OU=NCICB,OU=caGrid,CN=host/cbiovdev5035.nci.nih.gov'
certificate does not match its issuer)
at COM.claymoresystems.ptls.SSLConn.alert(SSLConn.java:243)
at
COM.claymoresystems.ptls.SSLHandshake.recvCertificate(SSLHandshake.java:
299)
at
COM.claymoresystems.ptls.SSLHandshakeClient.processTokens(SSLHandshak
eCl
ient.java:128)
...

Solution

Remove the following jars from each web application and place a single copy of each in the Tomcat shared lib folder:

  • cog-jglobus.jar
  • cryptix*
  • jce-jdk13-125.jar
  • gss.jar
  • puretls.jar
Last edited by
Clayton Clark (1172 days ago) , ...
Adaptavist Theme Builder Powered by Atlassian Confluence