Certificate error enrolling Android for Smartphone authenticator

Document ID:7024911
Creation Date:06-Nov-2020
Modified Date:06-Nov-2020
- Micro Focus Products:
  Advanced Authentication

Environment

Advanced Authentication 6.3

Smartphone authentication method

NetIQ Auth app on Smartphone

Situation

Error enrolling smart phone authenticator:

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

https://www.netiq.com/documentation/advanced-authentication-63/smartphone-applications/data/t481aiz1lpqz.html

Resolution

Enter all intermediate certificates in the certificate chain in the "Server Options" section of the Advanced Authentication Admin portal (https://<AA server address>/Admin).

Note that self signed certificates are not supported and do not work.

For more detail see the online documentation here

https://www.netiq.com/documentation/advanced-authentication-63/smartphone-applications/data/t481aiz1lpqz.html

and here

https://www.netiq.com/documentation/advanced-authentication-63/server-administrator-guide/data/upload_ssl_cert.html

Additional Information

Troubleshooting tip:

Open a bowser on the smart phone and brows to the server URL listed in Methods, Smartphone in the Advanced Authentication Admin portal. It should show as https://<AAserverURL>/smartphone

You must be able to browse to this site without certificate errors in order to enroll the smart phone method.