Hi, All:

I’m using webMethods 6.1.
Recently I am working with webSphere partner to do a RN EDI. I’m sender, and he is receiver. Cerificates of Both He and I are 3 layer architecture.

Present case is that I was sending external documents (Pips) to his URL running ok,and I can get the ‘200’ response code. But he can not send acks to us. He showed me the error from his log was “out of order certificate”. He hoped I can correct the configuration of certificate order in my site. His mail detail is below.

[I][COLOR=“DarkRed”]Hi Kevin,

We discussed this again with the WAS support team at IBM who confirmed that while a non-WebSphere partner might have a looser implementation of the rules and work by not verifying what is being sent after the leaf certificate, the IBM JDK rules are stricter, and requires a valid chain to accept it.

In your case the logs show that the root certificate is presented after the leaf, which causes our JDK to issue the error.
A permanent solution to get this server to work with our JDK, is to correct the https server configuration to present the certificates in the correct sequence.

Thanks

Syed[/color][/i]

Please help me how to change the order of certificate in TN console or other place ??

We received other partners are all ok but him. I already checked my config as same as others.

So for this case, what should I do as other special methods ?

Thanks all, pls help me. ~