Getting SSL Handshake errors from Eclipse deployment accelerator

Hi All

I just replaced my identityiq website’s certificates to be valid for another 2 years. I have no problem accessing the site with Chrome or Safari or IE/Edge.

But when I try to deploy my artifacts using Eclipse’s plugin I get “untrusted CA cert”. Eclipse logs are showing the following error:

!ENTRY sailpoint.IIQ_Deployment_Accelerator.IdentityIQ 4 0 2021-05-30 15:30:30.432
!MESSAGE DeployArtifactJob.run: Throwable
!STACK 0
sailpoint.iiqda.exceptions.ConnectionException: Connection failed - javax.net.ssl.SSLException: readHandshakeRecord
at sailpoint.iiqda.deployer.IIQRESTClient.doPost(IIQRESTClient.java:311)
at sailpoint.iiqda.deployer.IIQRESTClient.doPost(IIQRESTClient.java:230)
at sailpoint.iiqda.deployer.IIQRESTClient.sendFile(IIQRESTClient.java:88)

Is this an eclipse problem or an IIQ DA problem? And how do I go about fixing it?

Thanks.
Pasha
7.3p3

Hey Pasha, thank you for posting this question. I will try to seek an answer for your inquiry, but please note that due to the observance of the Memorial Day holiday in the U.S., the majority of our staff will not be returning to the office until Tuesday, June 1st

Hi Pasha,

My guess is that the Java trust store needs to be updated for the Java version in use by Eclipse. The CA certificate for your server will have to be added to the Java trust store, which is typically found under $JAVA_HOME/jre/lib/security and is called cacerts.

For more info, see the manual pages for keytool or Import the Certificate as a Trusted Certificate (The Java™ Tutorials > Security Features in Java SE > Exchanging Files).

  • Menno

Thanks @menno_pieters Turned out there was something wrong with my certificate. I got a new certificate with all the ca chain and the problem is solved.

Thanks again.
Pasha