I am trying to call a rest service with a self signed certificate but I get the error below. Any suggestions to bypass this? Exception in component tREST_1 com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:131) at com.sun.jersey.api.client.Client.handle(Client.java:616) at com.sun.jersey.api.client.WebResource.handle(WebResource.java:559) at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:72) at com.sun.jersey.api.client.WebResource$Builder.get(WebResource.java:454) at forecast.test_0_1.test.tMysqlInput_1Process(test.java:1091) at forecast.test_0_1.test.runJobInTOS(test.java:1524) at forecast.test_0_1.test.main(test.java:1383) Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target disconnected
Hello, you need to have the certificate installed as "trusted" or the connections will fail. The trusted store for the JVM is <java home>/jre/lib/security/cacerts and you can import yours there with keytool to get it to be trusted. Try
keytool -import -noprompt -trustcacerts -alias <give it an alias> -file <path to certificate> -keystore <path to cacerts>
and see that if that alleviates your issue. If not you can try putting it into your own keystore and using the tSetKeystore component. See
this for the official documentation on importing a certificate and
this for more information on the keytool (it's the man page for it).
Hope that helps!
