Unable to generate self-signed certificate on POA

  • 7022577
  • 19-Jan-2018
  • 22-Jan-2018


GroupWise 2014
GroupWise 2014R2


When trying to generate a new self-signed certificate on the POA you get the error below:

"javax.ws.rs.WebApplicationException: javax.xml.bind.MarshalException - with linked exception [javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed]"


1.  You will want to generate a new admin service certificate for the POA with the following command: 
  • gwadminutil certinst –db /path/to/po –ca primaryDomain.com:9710 –a admin -p
2. Restart both the admin service and the POA. You have to do each command individually because "rcgrpwise restart" does not restart the admin-service.
  1. rcgrpwise restart gwadminservice
  2. rcgrpwise restart 
3. You are now able to generate a new self-signed certificate for the POA through the admin console.


The post office agent has a bad admin service certificate.