API Gateway: Policy manager crashes with error: sun.security.validator.ValidatorException: PKIX path building failed

Article ID: 186504

Products

CA API Gateway API SECURITY

Issue/Introduction

This article will discuss what to do when Policy Manager is crashing and logging the following error:

org.springframework.remoting.RemoteAccessException: Could not access HTTP invoker remote service at [https://securespangateway/ssg/manager/AuditAdmin]; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 

Environment

This article applies to all supported API Gateway versions accessed via Policy Manager.

Cause

Two root causes can produce the error noted in this article:

  • The most frequent root cause is data corruption in the hidden .l7tech folder in the Users directory of the machine running Policy Manager
  • A rarer root cause is an expired certificate
    • This may include the default SSL certificate for the whole Gateway or whichever certificate was assigned to the Listen Port that the Policy Manager is connecting to

Resolution

To ensure there is no data corruption on the machine running Policy Manager, follow the steps below:

  1. Close all running instances of Policy Manager
  2. Back up the folder located at c:\users\<user-name>\.l7tech
  3. Delete the .l7tech folder
  4. Relaunch Policy Manager, which will recreate the .l7tech folder using default values

If the issue remains, then the root cause may have been an expired certificate instead. The following steps should be followed if the above steps did not resolve the issue:

  1. Log in via Policy Manager
  2. Review the Manage Certificates list and determine if any certificates are expired
    • If expired, replace the affected certificates and skip to step 4 after completion
    • If not expired, continue to the very next step
  3. Review the Private Keys list and ensure none of the certificates associated with them have expired
    • If expired, replace the affected certificates
  4. Reboot the Gateway servers in the cluster, and the issue should now be resolved
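
The validity dates of the certificate presented on the Listen Port can also be read from the machine running Policy Manager, without logging in. The PowerShell script below is an added example, not part of the original article or the product; the host and port are parameters you supply (the values used in the Policy Manager login), and the 30-day warning threshold is an assumption. It reports only the certificate on that Listen Port, not the other entries in Manage Certificates or Private Keys.

```powershell
# Added example: report the validity window of the certificate a Gateway listen port presents.
# GatewayHost and Port are supplied by you; nothing here comes from the product itself.
param(
    [Parameter(Mandatory)][string]$GatewayHost,   # host name entered in the Policy Manager login
    [Parameter(Mandatory)][int]$Port,             # listen port Policy Manager connects to
    [int]$WarnDays = 30                           # assumed warning threshold
)

function Get-ExpiryStatus {
    param([datetime]$NotBefore, [datetime]$NotAfter, [datetime]$Now, [int]$WarnDays)
    if ($Now -lt $NotBefore) { return 'NOT YET VALID' }
    if ($Now -gt $NotAfter)  { return 'EXPIRED' }
    if ($NotAfter -lt $Now.AddDays($WarnDays)) { return 'EXPIRING SOON' }
    return 'OK'
}

$client = $null; $ssl = $null
try {
    $client = [System.Net.Sockets.TcpClient]::new($GatewayHost, $Port)
    # Accept whatever certificate is presented so that an expired or untrusted one
    # can still be read. Inspection only: no application data is sent on this stream.
    $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
    $ssl = [System.Net.Security.SslStream]::new($client.GetStream(), $false, $acceptAny)
    $ssl.AuthenticateAsClient($GatewayHost)

    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
    $now  = Get-Date
    [pscustomobject]@{
        Subject   = $cert.Subject
        Issuer    = $cert.Issuer
        NotBefore = $cert.NotBefore
        NotAfter  = $cert.NotAfter
        DaysLeft  = [math]::Floor(($cert.NotAfter - $now).TotalDays)
        Status    = Get-ExpiryStatus $cert.NotBefore $cert.NotAfter $now $WarnDays
    }
}
finally {
    if ($ssl)    { $ssl.Dispose() }
    if ($client) { $client.Dispose() }
}
```

Save it as a .ps1 file and run it with -GatewayHost and -Port. A Status of EXPIRED points to the second root cause described above.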

Additional Information

If any customizations were made to the .ini file, such as increasing the memory allocation for Policy Manager, those changes should be reapplied after the above is completed.