01-31-2022 09:48 AM
Alteryx License Server returns the following error when adding or modifying a license:
ERROR: {
"key":"glsErr.sslMisconfigured",
"arguments":[
"I/O error on POST request for \"https://flex1280.flexnetoperations.com/flexnet/deviceservices\": sun.security.validat
or.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested ex
ception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: un
able to find valid certification path to requested target"
],
"message":"SSL is misconfigured: I/O error on POST request for \"https://flex1280.flexnetoperations.com/flexnet/dev
iceservices\": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification
path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certp
ath.SunCertPathBuilderException: unable to find valid certification path to requested target"
}
By default, the Alteryx License Server uses a local keystore to handle HTTPS communication with the Flexera servers. The cause of the above error is the expiration of the certificates stored in this file.
# HTTPS client mode. You generally don't need to specify this, as flexnet.certs will be consulted if # a https:// lfs.url value is found in producer-settings.xml. https-out: # Set to true to enable enabled: true # Path to truststore containing server certificate. truststore-path: C:\Program Files\Java\jre1.8.0_281\lib\security\cacerts # Truststore password. You can obfuscate this with java -jar flexnetls.jar -password your-password-here truststore-password: changeit # Switch off if you're having host validation problems (not recommended) host-verify: true # Set to true if you're using self-signed certificates (not recommended) self-signed: falseNote: For the truststore-path, point this to the cacerts file where you currently have your Java Runtime Environment installed. The above is the default install location.