1. Oracle Enterprise Performance Management Cloud Operations Guide
  2. Troubleshooting EPM Cloud Issues
  3. Resolving EPM Automate Issues
  4. Resolving the EPMAT-7: Unable to Connect, Unsupported Protocol: https Error When Using a Proxy Server

Resolving the EPMAT-7: Unable to Connect, Unsupported Protocol: https Error When Using a Proxy Server

This error is displayed if the root CA certificate that EPM Automate uses is not available to establish a secure connection with the HTTP Proxy server that is being used.

On Windows, EPM Automate uses the Root CA SSL certificate installed in C:\Oracle\EPM Automate\jre1.8.0_401\lib\security\cacerts to secure communication with the proxy server, if any, that you use. If the Root CA certificate is not available in this store, you must install it to resolve this error. Generally, this certificate is available in the default certificate store used on your computer. Work with your Windows network administrator or use the following procedure to identify and import it.

To install the Root CA certificate in the certificate store used by EPM Automate:

  1. Create a backup copy of the current EPM Automate certificate store (generally, C:\Oracle\EPM Automate\jre1.8.0_401\lib\security\cacerts).
  2. Login to the Oracle Enterprise Performance Management Cloud environment from a browser and complete steps appropriate for your browser to identify and save the Root CA certificate in use:

    • Mozilla Firefox:

      1. Click the Verified by (padlock) icon in the URL bar and then Connection secure, and then More Information.
      2. On Security, click View Certificate.
      3. In Certificates, open the tab listing the root CA certificate.
      4. In Miscellaneous section, click PEM (cert) next to Download to save the specific certificate to the download folder set for Firefox..

    • Microsoft Edge:

      1. Click the View site information (padlock) icon in the URL bar and then Connection is secure, and then Show certificate.
      2. In Certificate Viewer, click Details.
      3. In Certificate Hierarchy, click the root certificate and then click Export.
      4. Save the certificate to a convenient location on your computer.

    • Google Chrome:

      1. Click the View site information icon in the URL bar, then Connection is secure, and then Certificate is valid.
      2. In Certificate Viewer, click Details.
      3. In Certificate Hierarchy, click the root certificate and then click Export.
      4. Save the certificate to a convenient location on your computer.
  3. From an elevated Command Prompt window, navigate to the bin folder of the JRE that EPM Automate uses; usually, C:\Oracle\EPM Automate\jre1.8.0_401\bin
  4. Run Java keytool and import the Root CA certificated that you exported in step 2. Use changeit, which is the default password, when prompted for the keystore password.
    keytool -import -alias "ROOT_CA_NAME" -keystore "EPM Automate_KEYSTORE_LOCATION" -file "NAME_AND_LOCATION_EXPORTED_CA_ROOT_CERTIFICATE" 
"EXPORTED_CA_ROOT_CERTIFICATE"
    For example, you can use the following command to import DigiCert Global Root CA certificate that you previously exported as C:\downloads\DigiCert Global Root CA.crt:
    keytool -import -alias "DigiCert Global Root CA" 
-keystore "C:\Oracle\EPM Automate\jre1.8.0_111\lib\security\cacerts" -file "C:\downloads\DigiCert Global Root CA.crt"

For detailed information on fixing other proxy-related issues, see Fixing Proxy Issues.