When trying to generate a new self-signed certificate on the POA you get the error below:
"javax.ws.rs.WebApplicationException: javax.xml.bind.MarshalException - with linked exception [javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed]"
1. You will want to generate a new admin service certificate for the POA with the following command:
- gwadminutil certinst âdb /path/to/po âca primaryDomain.com:9710 âa admin -p
2. Restart both the admin service and the POA. You have to do each command individually because "rcgrpwise restart" does not restart the admin-service.
- rcgrpwise restart gwadminservice
- rcgrpwise restart
3. You are now able to generate a new self-signed certificate for the POA through the admin console.
The post office agent has a bad admin service certificate.