Component: Tomcat / Certificates

 

Affected Version: Ephesoft Transact 4.5

 

Issue Description:

Seeing ephesoft service startup issue with below exception message in Ephesoft Transact 4.5 when keystore & truststore are pointing to same JKS file and truststore file does not have a CA Certificate. The issue is not  observed in version before 4.5.

 

Exception Stack Trace:
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) ~[?:1.8.0_144]

 

Root Cause:
This Issue due to tomcat upgrade from 4130 to 4500 and the issue remains internal to tomcat version 8.5.23.

Solution: 
Add CA certificate in JKS file to resolve the issue.
If customer not using PIV CAC then only use keystore property in connection settings.