• Last edited on: 17 September 2018

TLS/SSL Errors during PO Transmission

Coupa does not support SSL client certificate authentication and requires the supplier to remove this restriction.

Symptom

PO isn't received by the supplier. On the Coupa side, the PO cXML sent to supplier shows Coupa status as Transmission Failure and the log shows error: sslv3 alert bad certificate.

Environment 

All environments where the supplier PO method is cXML.

Solution

Step 1 

Confirm with your customer if the endpoint (cXML URL) and other cXML credentials are correct.

Step 2

Have your customer go to the cXML Errors page at https://{customer_instance}/cxml_request_monitors/cxml_request_po and do an advanced search for the PO number to confirm the error message.

Step 3

If the error message contains the info shown below, have the customer create a Coupa support ticket: 

  1. Request Error =  "SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert bad certificate"
  2. Response Error = Blank
  3. Category = Connection to supplier failed

See PO transmission SSL Error with Supplier (TLS authentication) for support details on how to fix.

Cause

The supplier is expecting Coupa to authenticate the supplier's system. Coupa does not support SSL client certificate authentication and requires the supplier to remove this restriction.