I had a similar problem within a company network. In my network the admins are routing specific domains with their original SSL certificate, while the SSL connection to other systems is bridged by the firewall and therefore a new self-signed certificate is used for the connection between the firewall and my computer.

See if the certificate by the API you're trying to access is replaced by a company-signed certificate - you can click on the lock symbol in your browser and look for the certificate details. If the certificate is replaced, or if the certificate is somehow not trusted, you must enable your Java installation to accept the certificate issued by your company. For doing so, you can ask your administrators to give you the .crt files for the issuing authority ( root-CA-certs / universal CA-certs ). These then need to be included in your Java Keystore (google that to understand what it is doing). For doing so, you must use a command like the following in the /lib/security folder of your JRE / JDK installation - at my machine there was a JDK installed, but i needed to run the command in the JRE folder in the Talend installation (so there was one Java which i installed and an additional Java installed together with Talend, which i needed to patch in order to get things working):

sudo keytool -import -storepass changeit -noprompt -alias YOUR-COMPANY-CA1-v01 -file "YOUR-COMPANY-CA1-v01.crt" -keystore cacerts

My "symptoms" where the same error message, the problem is that Java has its own SSL integration and therefore you need to add support to additional certificates directly in your Java virtual machine (done via the Keystore component) as the trusted certificates of your system (which are used by your browser and other components) are not used by the Java SSL part.

Hope that helps, give Kudos / accept as a solution if you managed to get things working with this