During a new presentation, the Eudi wallet blocks on the verification of the x509 certificate contained in the 'x5c' field of the authorisation object. We get the error 'CERTIFICATE_PATH_ERROR':
java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:153)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:79)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:301)
at eu.europa.ec.eudi.iso18013.transfer.internal.readerauth.ReaderTrustStoreImpl.validateCertificationTrustPath(ReaderTrustStoreImpl.kt:83)
at eu.europa.ec.eudi.wallet.internal.Openid4VpX509CertificateTrust.isTrusted(Openid4VpX509CertificateTrust.kt:36)
at eu.europa.ec.eudi.openid4vp.internal.request.ClientAuthenticator.x5c(RequestAuthenticator.kt:146)
at eu.europa.ec.eudi.openid4vp.internal.request.ClientAuthenticator.authenticateClient(RequestAuthenticator.kt:104)
at eu.europa.ec.eudi.openid4vp.internal.request.RequestAuthenticator$authenticate$2.invokeSuspend(RequestAuthenticator.kt:62)
at eu.europa.ec.eudi.openid4vp.internal.request.RequestAuthenticator$authenticate$2.invoke(Unknown Source:8)
at eu.europa.ec.eudi.openid4vp.internal.request.RequestAuthenticator$authenticate$2.invoke(Unknown Source:4)
at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:61)
at kotlinx.coroutines.CoroutineScopeKt.coroutineScope(CoroutineScope.kt:261)
at eu.europa.ec.eudi.openid4vp.internal.request.RequestAuthenticator.authenticate(RequestAuthenticator.kt:61)
at eu.europa.ec.eudi.openid4vp.internal.request.DefaultAuthorizationRequestResolver.resolveRequestUri(DefaultAuthorizationRequestResolver.kt:161)
at eu.europa.ec.eudi.openid4vp.internal.request.DefaultAuthorizationRequestResolver.access$resolveRequestUri(DefaultAuthorizationRequestResolver.kt:143)
at eu.europa.ec.eudi.openid4vp.internal.request.DefaultAuthorizationRequestResolver$resolveRequestUri$3.invokeSuspend(Unknown Source:15)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
This error only occurs on the android version and not on ios. We've done several tests, in particular including several certificates traced back to a parent certificate generated by Let's Encrypt, but we still get the same error.
Can you tell me what criteria the certificate must meet to pass validation?
Hello, first of all thank you for your work.
As part of the Gaia-X project, we are trying to integrate the Eudi wallet with our verifier (https://icp-portal.aster-x.demo23.gxfs.fr/verifier).
During a new presentation, the Eudi wallet blocks on the verification of the x509 certificate contained in the 'x5c' field of the authorisation object. We get the error 'CERTIFICATE_PATH_ERROR':
This error only occurs on the android version and not on ios. We've done several tests, in particular including several certificates traced back to a parent certificate generated by Let's Encrypt, but we still get the same error.
Can you tell me what criteria the certificate must meet to pass validation?
Thanks