Skip to main content
Kofax

How to troubleshoot connectivity Problems between Kofax Total Agility and SignDoc

Problem: 

This article describes a situation,

  1. where the SignDoc Activity is part of a Kofax Total Agility (KTA) Workflow,
  2. Signing Packages can be created successfully via KTA Job processing,
  3. The Signers receive the signing package for signing and processing the corresponding documents.

The StateChange Notification is not returned to KTA after the signing package is finished (after all signer have signed the document), the state in KTA job remain "Active..".

Solution: 

To find out what the exact problem is in your specific situation, some troubleshooting steps have to be performed.

1. Check if the KTA Webservice is running, and can be accessed from KSD-Server. To achieve this, open Internet Explorer (or other Browser) from KSD Server and enter following URL:

http://<KTA -Servername>/totalagility/Services/Sdk/SigningIntegrationService.svc/json/AddJobNote

The KTA WebService should react with following response:

clipboard_e58e88deb798c63a860b498433f7ffd73.png

If accessing above URL brings a connection error (like page cannot be displayed or similar), then there is a problem with network connection to KTA Server, or the KTA-Webservice itself isn´t available or offline.

If accessing the URL works with above KTA response, but the problem with Status Notifications still persists, then....

2. you need to active some logging levels to get valid information into the Cirrus Logfile. The logfile is located in sdweb_home\logs\ directory. Find more details in Administrator's Guide, page 10 chapter "Logging" to find out how Cirrus Logging works in SignDoc Standard.

For troubleshooting KTA connectivity issues we need to activate following loggers in signdoc_home\conf\XjLog_Cirrus.xml.

    <logger name="de.softpro.cirrus.plugins.state_change.KTAStateChangeNotification" level="DEBUG" additivity="false">
        <appender-ref ref="R"/>
    </logger>

    <logger name="de.softpro.cirrus.services.services.impl.StateChangeServiceImpl" level="DEBUG" additivity="false">
        <appender-ref ref="R"/>
    </logger>

Copy/Paste above lines if not available in XjLog_Cirrus.xml file.

After change, restart Signdoc Standard Service, and reproduce the problem.

3. Analysing logfiles, Possible problem sources:

After problem is reproduced, please open signdoc_home\logs\cirrus.log file. You can search (e.g. with Notepad ++ Text-Editor) in the logfile for all occurances and lines starting with the term:

de.softpro.cirrus.plugins.state_change.KTAStateChangeNotification

This will show all relevant log output concerning notifications to KTA Systems, like shown in following examples:

  • In case the KTA job notification is successfully transmitted the service will respond with  

     Http Status code 200 (OK)

  • In case of network connection problems the log will contain following information:

     de.softpro.cirrus.plugins.state_change.KTAStateChangeNotification - Connection failed to http://KTA-Servername/totalagility/S...ionService.svc   /json/AddJobNote: java.net.ConnectException: Connection timed out: connect

  • In case there are issues with certificates (assuming connectivity to KTA Webservice is established via https protocoll)

de.softpro.cirrus.services.services.impl.StateChangeServiceImpl - Plugin KTAStateChangeNotification has encountered an error: Connection failed to https://KTA-Servername/totalagility/Services/Sdk/SigningIntegrationService.svc/json/AddJobNote: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Illegal given domain name: <KTA-Servername>

problem reason: The https://domainname doesn´t match the certificate´s "Common Name"

or

de.softpro.cirrus.services.services.impl.StateChangeServiceImpl - Plugin KTAStateChangeNotification has encountered an error: Unhandled plugin exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

problem reason: The error message indicates that KSD (Tomcat) could not establish a trusted connection to KTA over SSL (for instance if KTA uses a self-signed certificate, or a certificate that is issued by a non official internal Certificate Authority). Resolution is, to add a root or intermediate certificate to the local JAVA trusted keystore. How to achieve this is explained article "How to import certificates into local JVM Store".

There are several other possible conditions and errors, which will lead to a nonworking Notification to KTA. If the de.softpro.cirrus.plugins.state_change.KTAStateChangeNotification logger shows a non-meaningfull error, please feel free to contact Kofax Technical Support via creating  a new case in the support portal https://support.kofax.com to get further details and support regarding your problem.