Issue: When users try to enroll the Smartphone authenticator using the Android app, an error message java.security.cert.CertPathValidatorException: Trust anchor for certification path not found is displayed.
Reason: This issue is due to the self-signed certificate that the administrator has uploaded in the Server Options of the Administration portal. The certificate either does not contain all the required certificates or it does not contain information in the following order:
-----BEGIN PRIVATE KEY----- (Your Private Key: your_domain_name.key) -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- (Your Primary SSL certificate: your_domain_name.crt) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Intermediate certificate: intermediate.crt) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Root certificate: TrustedRoot.crt) -----END CERTIFICATE-----
Workaround: Contact your administrator and request to validate the configuration of the Smartphone authenticator. This issue may be related to a conflict in the IP address or port.
You can access the Advanced Authentication server URL in the browser of your Android smartphone to validate the certificate. If the certificate is invalid, a warning message is displayed stating that the connection is not trusted.