Resolving the EPMAT-7: Unable to Connect, Unsupported Protocol: https Error When Using a Proxy Server
This error is displayed if the root CA certificate that EPM Automate uses is not available to establish a secure connection with the HTTP Proxy server that is being used.
On Windows, EPM Automate uses the Root CA SSL
certificate installed in C:\Oracle\EPM
Automate\jre1.8.0_401\lib\security\cacerts
to secure communication with
the proxy server, if any, that you use. If the Root CA certificate is not available in
this store, you must install it to resolve this error. Generally, this certificate is
available in the default certificate store used on your computer. Work with your Windows
network administrator or use the following procedure to identify and import it.
To install the Root CA certificate in the certificate store used by EPM Automate:
- Create a backup copy of the current EPM Automate certificate store (generally,
C:\Oracle\EPM Automate\jre1.8.0_401\lib\security\cacerts
). - Login to the Oracle Enterprise Performance Management Cloud environment
from a browser and complete steps appropriate for your browser to identify and save
the Root CA certificate in use:
-
Mozilla Firefox:
- Click the Verified by (padlock) icon in the URL bar and then Connection secure, and then More Information.
- On Security, click View Certificate.
- In Certificates, open the tab listing the root CA certificate.
- In Miscellaneous section, click PEM (cert) next to Download to save the specific certificate to the download folder set for Firefox..
-
Microsoft Edge:
- Click the View site information (padlock) icon in the URL bar and then Connection is secure, and then Show certificate.
- In Certificate Viewer, click Details.
- In Certificate Hierarchy, click the root certificate and then click Export.
- Save the certificate to a convenient location on your computer.
-
Google Chrome:
- Click the View site information icon in the URL bar, then Connection is secure, and then Certificate is valid.
- In Certificate Viewer, click Details.
- In Certificate Hierarchy, click the root certificate and then click Export.
- Save the certificate to a convenient location on your computer.
-
- From an elevated Command Prompt window, navigate to the bin folder of the JRE that
EPM Automate uses; usually,
C:\Oracle\EPM Automate\jre1.8.0_401\bin
- Run Java keytool and import the Root CA certificated that you exported in step 2.
Use
changeit
, which is the default password, when prompted for the keystore password.
For example, you can use the following command to importkeytool -import -alias "ROOT_CA_NAME" -keystore "EPM Automate_KEYSTORE_LOCATION" -file "NAME_AND_LOCATION_EXPORTED_CA_ROOT_CERTIFICATE" "EXPORTED_CA_ROOT_CERTIFICATE"
DigiCert Global Root CA
certificate that you previously exported asC:\downloads\DigiCert Global Root CA.crt
:keytool -import -alias "DigiCert Global Root CA" -keystore "C:\Oracle\EPM Automate\jre1.8.0_111\lib\security\cacerts" -file "C:\downloads\DigiCert Global Root CA.crt"
For detailed information on fixing other proxy-related issues, see Fixing Proxy Issues.