When running HTTP job, the job fails with "HTTP transport error: javax.net.ssl.SSLHandshakeException
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target "
The error indicates that the agent is missing the proper SSL certificate in the keystore.
Users can import their own SSL certificate to run HTTP jobs. To run the HTTP job using Application Services agent, the user must import the SSL certificate in the proper keystore. The default keystore for the agent is located in the <agent_install_directory>/jre/lib/security. The keystore file is called cacerts. The following commands will allow the user to import their own certificate.
cd <agent_install_directory>/jre/bin ./keytool -import -file /tmp/customer.cer -keystore <agent_install_directory>/jre/lib/security/cacerts Enter keystore password: Re-enter new password:
The initial password for keystore is 'changeit'. Enter it twice as shown in the above example. The password can be changed using the following command:
keytool -storepasswd -keystore <agent_install_directory>/jre/lib/security/cacerts Enter keystore password: <enter old or current password> New keystore password: Re-enter new keystore password: