Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Gateway test connectivity is good but shows Invalid Certificates



User is on Pega 7.1.9 and  using Internet Application Composer (IAC) 7.1 which is shipped by default from media.

User updated web.xml in the war file to update the path of the keystore.

After updating the keystore path, Gateway console test connectivity to host node is good, but shows Invalid Certificates on the Host URL.

Invalid certificate error in Pega Host URL on host configuration page of web mashup configuration. 

Error Messages

After enabling SSL debug logs one can see below exceptions in the server logs:

13:59:04,314 INFO [com.pega.pegarules.gateway] (http-/ Got Certificates for https://......./prweb/PRServlet [;@d78cae4 
13:59:04,315 SEVERE [com.pega.pegarules.gateway] (http-/ Exception in getting certificates from https://...../prweb/PRServlet String index out of range: -1 
13:59:04,316 STDERR [stderr] (http-/ java.lang.StringIndexOutOfBoundsException: String index out of range: -1 
13:59:04,317 STDERR [stderr] (http-/ at java.lang.String.substring( 

Steps to Reproduce

1)Configure SSL handshake in the server. 
2)Configure prgateway in the server and on host configuration landing page enter the https URL for host. 
3) Observe invalid certificate error on click of red icon.

Root Cause

Single entry case of a certificate either CN or OU was not handled.


Apply HFix-30842.

Published January 5, 2017 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us