It's all about the answers!

Ask a question

Need help to overcome Certification exception while making REST API call in plugin code


TUSHAR PAKGARE (9) | asked Jun 11, 5:26 a.m.
Plug code is throwing below exception while making REST API and need help to overcome this issue
com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert. <wbr> CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert. <wbr> CertPathValidatorException: The certificate issued by CN=GlobalRootCA is not trusted; internal cause is: java.security.cert. <wbr> CertPathValidatorException: Certificate chaining error  

2 answers



permanent link
David Honey (3256) | answered Jun 11, 6:04 a.m.
JAZZ DEVELOPER

Comments
Kevin Ramer commented Jun 14, 11:09 a.m.

Assuming the OP is dealing with server plugin:
 Our experience is that while WebSphere and Liberty can have certificate Trust stores adding the certificate that gets flagged in the above fashion to said Trust does not solve the issue (even after restart).  Thus we add the certificates to the JRE trust store usually found in JRE_HOME/lib/security/cacerts and restart the Jazz server.


permanent link
Davyd Norris (1.1k7) | answered Jun 15, 4:15 a.m.
You need to find what JRE your plug-in is running in:
- if this is a client side plug-in then it will be the JRE of the Eclipse instance
- if this is a server side plug-in then it's the JRE of the server

You then need to add the CA certificate to the cacert trust store, which will be found in the directory mentioned above

JRE_HOME/lib/security/cacerts

Your answer


Register or to post your answer.