After implementing the IIS https URL of the CA Gen 8.6 COM Proxy ASP in Java application code received this error when attempting to execute the transaction:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Using previous CA Gen 7.0 and CA Gen 8.0 versions of the COM Proxy, http URLs were used successfully. However, in Gen 8.6 it is required to use SSL and thus the https URL is being used.
Release : 8.6
Component : CA Gen Run Time, Proxies
This error is not related to the COM Proxy itself.
It appears that the IIS website SSL certificate has not been loaded into the Java runtime (JRE) truststore being used by the Java program ("JAVA_HOME\lib\securty\cacerts").
For example: https://stackoverflow.com/questions/9619030/resolving-javax-net-ssl-sslhandshakeexception-sun-security-validator-validatore
Also, this KB article for another Broadcom product CA Release Automation covers the same symptoms: javax.net.ssl.SSLHandshakeException PKIX path building failed
Problem resolved by installing the required SSL certificate(s) into the JRE truststore.