How to get rid of "[ERROR CODE: -1 ] No issuer certificate found for subject [website]"

theBeastMaster
Mega Guru

‎08-18-2019 02:38 AM

While I am trying to hit an api url, I am getting below error :

 

[ERROR CODE: -1 ] No issuer certificate found for subject [website for eg: www.xyz.com]

Can anyone advise, what might be the possible issue in this case. I have uploaded certificates from website into servicenow. Also, I have tried to set the property "com.glide.communications.httpclient.verify_hostname" to false but still getting this error.

 

While I am testing through postman, I am not getting this error, if I set ssl certificate validation to off.

 

Please advise.

 

Thanks

0 Helpfuls
  • 3,890 Views
3 REPLIES 3

Ashish Nahar
Kilo Guru

‎08-18-2019 06:54 AM

We ran in to similar issues and the outcome was the customer firewall was causing the issue.

 

The issue is with the ServiceNow agent which is calling the API. We sat with the firewall team and identified the logs that user-Agent: was causing the problem

User-Agent: Jakarta Commons-HttpClient/3.1

Two way to fix this.

1. Sit with your firewall team and provide them the source IP address, which you can find in your hi instance and ask them to allow these IP address with this user-agent.

2. In your outbound API call, use this header. (might not resolve but give it a shot)

user-agent:servicenow

 

 

Let me know if this helped. Mark this as correct or helpful based on the impact

 

 

0 Helpfuls

theBeastMaster
Mega Guru
In response to Ashish Nahar

‎08-18-2019 07:15 AM

Thanks, Ashish. I will check the mentioned options.

 

Also, in another instance, I have uploaded certificates for the api but still I am getting [ERROR CODE: -1 ] SSLPeerUnverifiedException. 

which should not be the case. What might be the possible reason for this?

 

Thanks

0 Helpfuls

Ashish Nahar
Kilo Guru
In response to theBeastMaster

‎08-18-2019 07:34 AM

Would be glad to know the outcome. 

 

While with the firewall team, execute the API call and ask them to monitor the logs and look for  "User-Agent: Jakarta Commons-HttpClient/3.1".

 

This should resolve the issue. Before that do try the second option.

 

HTTP Headers table. Currently in read mode
Personalize ListActionsNameSort in descending orderValueSort in ascending order
  
 
user-agent
 
ServiceNow
0 Helpfuls