Support Article
Unable to find valid certification path to requester path
SA-35961
Summary
User wants to connect to a secure web service. Service provide has provided them a certificate which they have imported into keystore and uploaded it into Pega keystore rule. When they are trying to test the connectivity, they are facing an issue.
Error Messages
Unable to connect to resource due to TLS/SSL issue: java.net.ssl.sslhandshakeexception: sun.security.validator.validatiorexception:pkix building failed:sun.security..prodiver.setpah.builderexception:unable to find valid certification path to requester path
Steps to Reproduce
1. Take the cert from the service provider.
2. Import it to keystore using the keytool commend.
3. Create the keystore rule in Pega and upload the above keystore rule.
4. Take the Pega cert from the server broswer while clicking on the certification.
5. Import them in the service provider box.
6. Restart the app server.
7. Go to connect-rest rule and click on test connectivity.
Root Cause
As there are a chain of certificates and one of the certificate in the chain is missing has resulted in an error.
Resolution
Import all the certificates in the certificate chain, which includes root, intermediate and CA certificates.
Published May 4, 2017 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.