It is possible to use Gel Scripts to call REST APIs of third-party systems to integrate with Clarity. But when attempting to do this for certain URLs, an error such as the following is thrown.

avax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

How do you resolve this?

Version: 15.9.0

This issue can be caused due to an invalid certificate chain, of the third-party system being called from Clarity.

1. The certificate chain can be verified using a website such as SSL Server Test.
2. Look specifically at the "Chain Issues" section. It should be set to "None" for a successful integration to take place.

This is happening due to clarity certificates not being imported into your java cacerts file.

Steps :-

1. Download the clarity server certificate, intermediate and root certificates according to the certificate chain.

2. Import those into the $JAVA_HOME/lib/security/cacerts file using the below command by changing the file names.

keytool -importcert -file filename -keystore cacerts -trustcacerts -alias filename

3. Once that's complete restart your services and test again.