Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 4.0
NetIQ Access Manager Admin Console
NetIQ Access Manager Identity Server setup for SAML2
Situation
Trying to establish a trust relationship between NAM, acting as the SAML2 Service Provider, and the NetIQ SocialAccess appliance acting as the SAML2 Identity Server. After importing the metadata, the NAM Identity server reports a yellow health status with the following error:
System Event Time: 2014-06-04 17:40:43 Age: 20H 1M 421Ms Level: Functional Loss
Comments:
Unable to validate SAML2 Trusted Identity Provider. The trusted relationship with this entity will not be functional!
Error Validating X509 Certificate of Trusted Provider
Trusted Provider Type: SAML2 Trusted Identity Provider
Trusted Provider Id: https://saapp.netiq.com/osp/a/t1/auth/saml2/metadata
Error Validating X509 Signing Certificate
X509 Certificate Version: 3
X509 Certificate Subject: CN=ag4csrv1 O=Novell Inc ST=UT C=US
X509 Certificate Issuer: CN=ag4csrv1 O=Novell Inc ST=UT C=US
X509 Certificate Serial Number: 10974212810643347272
X509 Certificate Start Date: 2014-05-26 21:12:33
X509 Certificate Expiration Date: 2016-05-25 21:12:33
X509 Certificate Validation Root Exception: com.novell.nidp.NIDPException: class configured for CertPathBuilder: org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi not a CertPathBuilder
Root Cause: java.security.NoSuchAlgorithmException: class configured for CertPathBuilder: org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi not a CertPathBuilder
The appropriate trusted roots are added to the NIDP-Trust store.
Resolution
Disable the OCSP check on NAM as follows:
a) Modify /opt/novell/nam/idp/conf/tomcat7.conf and add the line
JAVA_OPTS="${JAVA_OPTS} -Dcom.novell.nidp.serverOCSPCRL=false"
b) Restart the IDP server using 'rcnovell-idp restart'.
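The steps above applied from a shell, as an added example that is not part of the TID: the functions append the JAVA_OPTS line to tomcat7.conf only once, keep a timestamped backup of the original file, and report the property's current value so the change can be verified before the restart. The CONF variable and the function names are this example's own; the path and property come from the TID.

```shell
#!/bin/sh
# Added example (not from the TID): idempotently apply the JAVA_OPTS change to
# tomcat7.conf, back up the original, and verify the property is now set.
# CONF defaults to the path named in the TID; override it when testing.
CONF="${CONF:-/opt/novell/nam/idp/conf/tomcat7.conf}"
PROP="com.novell.nidp.serverOCSPCRL"
OPTS_LINE='JAVA_OPTS="${JAVA_OPTS} -D'"$PROP"'=false"'

# Print the value the conf file currently sets for the property, or "unset".
current_ocsp_setting() {
  conf="$1"
  v=$(grep -o -e "-D${PROP}=[a-z]*" "$conf" 2>/dev/null | tail -n 1 | sed 's/.*=//')
  if [ -n "$v" ]; then printf '%s\n' "$v"; else printf 'unset\n'; fi
}

# Append the JAVA_OPTS line once; succeed only if the file now carries it.
disable_ocsp_check() {
  conf="$1"
  [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }
  if grep -q -e "-D${PROP}=false" "$conf"; then
    echo "already disabled in $conf"
  else
    cp -p "$conf" "$conf.bak.$(date +%Y%m%d%H%M%S)"   # keep the original
    printf '%s\n' "$OPTS_LINE" >> "$conf"
  fi
  [ "$(current_ocsp_setting "$conf")" = "false" ]
}

# Apply only when invoked as: sh thisscript.sh apply
if [ "${1:-}" = "apply" ]; then
  disable_ocsp_check "$CONF" && echo "now run: rcnovell-idp restart"
fi
```

Once the property is false the IDP no longer checks the revocation status of the trusted provider's signing certificate, so keep the backup file to revert the change when it is no longer needed.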