Unable to find valid certification path to requester path
SummaryUser wants to connect to a secure web service. Service provide has provided them a certificate which they have imported into keystore and uploaded it into Pega keystore rule. When they are trying to test the connectivity, they are facing an issue.
Error MessagesUnable to connect to resource due to TLS/SSL issue: java.net.ssl.sslhandshakeexception: sun.security.validator.validatiorexception:pkix building failed:sun.security..prodiver.setpah.builderexception:unable to find valid certification path to requester path
Steps to Reproduce1. Take the cert from the service provider.
2. Import it to keystore using the keytool commend.
3. Create the keystore rule in Pega and upload the above keystore rule.
4. Take the Pega cert from the server broswer while clicking on the certification.
5. Import them in the service provider box.
6. Restart the app server.
7. Go to connect-rest rule and click on test connectivity.
Root CauseAs there are a chain of certificates and one of the certificate in the chain is missing has resulted in an error.
ResolutionImport all the certificates in the certificate chain, which includes root, intermediate and CA certificates.
Published April 4, 2017 - Updated May 4, 2017