Typical issues you might encounter related to security and authentication vary depending on which layer of security the issues are happening in. The three layers of security are:
- IP allowed list enforced on Verato’s servers (and potentially similar firewall restrictions on the client side)
- Mutual TLS authentication – exchanging keys between the client and server
- Username/password authentication within the Verato application
If you are encountering errors or exceptions when testing connectivity, some useful tips are listed below.
Errors or exceptions due to a problem with the firewall restrictions (on Verato’s server or the client side) will typically be some form of a server connection
refused, socket connection reset by peer, or timeout message.
Errors or exceptions due to a problem with the client-server key exchange will typically be some message with the terms key exchange, handshake or SSL
handshake in the error message.
If your client computer is not set up to trust the third-party Certificate Authority (CA) that Verato uses (GoDaddy), you may see an error similar to the following:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
In this case, you need to import a root certificate, and potentially an intermediate certificate, into your cacerts file using the keytool command.
Errors or exceptions due to a problem with the username/password passed for authentication will typically have the term authentication failure in the error message.
