After installing SP3 or latest hotfixes I can see the below SSLHandshakeExceptions on every ETC Provider (MOM and Standalone) every few seconds:

 [INFO] [Thread-ClusterTopologyPoller] [Manager.AppMap] Cannot send EM topology due: 'SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target' Will retry.

How can I fix the issue?

APM 10.7 SP3 and latest HOTFIXES

If em-jetty-config.xml is configured to use <PROVIDER-HOME>/config/internal/server/keystore as TrustStore (and KeyStore) as below:

.....

<Set name="KeyStorePath">

                      <SystemProperty name="introscope.config" default="./config"/>/internal/server/keystore

                    </Set>

                    <Set name="KeyStorePassword">OBF:<password></Set>

                    <Set name="TrustStorePath">

                      <SystemProperty name="introscope.config" default="./config"/>/internal/server/keystore

                    </Set>

                    <Set name="TrustStorePassword">OBF:<password></Set>

.....

you must to import the ETC master certificate to <PROVIDER-HOME>/config/internal/server/keystore and not into <PROVIDER-HOME>/jre/lib/security/cacerts!!!

"<PROVIDER-HOME>/jre/bin/keytool" -importcert -keystore "<PROVIDER-HOME>/config/internal/server/keystore" -alias <your-cert-alias> -file "<PROVIDER-HOME>/config/internal/server/<your-cert>.crt" -storepass <password>

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/application-performance-management/10-7/administrating/configure-enterprise-team-center/enterprise-team-center.html

Team Center - Blank Page after Login, Status code 503, SSLHandshakeException
https://knowledge.broadcom.com/external/article/125671/team-center-blank-page-after-login-stat.html