ConnectPlaza version 5.1.2 will contain the following important fixes, features and new components:

General notice regarding issues with TLS handhakes since 5.1.0 (PKIX path building failed: unable to find valid certification path to requested target).

We have received some information regarding various TLS handshake issues after installing 5.1.0. These issues arise during connecting to various HTTPS endpoints using our HTTP / OAuth2 / Webservice gateway components. The cause of these issues is due to the fact that this year a prominent root CA Certificate, the AAA Certificate Services, was deemed unsafe and removed by the authorities. This Root certificate, however, is used by many CA's that provide certificates for various internet domains. Since this certificate was deemed unsafe, it has been removed from Java's JDK and also by the JDK version that we use to run ConnectPlaza software and subsequently ConnectPlaza may not correctly connect to any webservers or hosts using certificates that are ultimately signed by AAA Certificate Services.

The solution to this immediate problem is to add this certificate back in ConnectPlaza to explicitly add it to the trust chain and re-allow connections for a short term solution. Longer term solutions will involve providers of these webservers to install new certificates that no longer make use of these unsafe certificates.

You may download the AAA Certificate Services certificate from this location.

Please rename this file after downloading to .cer and you may upload it into your ConnectPlaza Agent, through Deploy's Certificate Management tool. In here you can open the Trusted Certificates list and add it using the + plus sign. Once added you will need to restart your Agent. This action may need to be repeated for all Connect Agents that are affected.