After installing SP3 or latest hotfixes I can see the below SSLHandshakeExceptions on every ETC Provider (MOM and Standalone) every few seconds:
[INFO] [Thread-ClusterTopologyPoller] [Manager.AppMap] Cannot send EM topology due: 'SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target' Will retry.
How can I fix the issue?
APM 10.7 SP3 and latest HOTFIXES
If em-jetty-config.xml is configured to use <PROVIDER-HOME>/config/internal/server/keystore as TrustStore (and KeyStore) as below:
.....
<Set name="KeyStorePath">
<SystemProperty name="introscope.config" default="./config"/>/internal/server/keystore
</Set>
<Set name="KeyStorePassword">OBF:<password></Set>
<Set name="TrustStorePath">
<SystemProperty name="introscope.config" default="./config"/>/internal/server/keystore
</Set>
<Set name="TrustStorePassword">OBF:<password></Set>
.....
you must to import the ETC master certificate to <PROVIDER-HOME>/config/internal/server/keystore and not into <PROVIDER-HOME>/jre/lib/security/cacerts!!!
"<PROVIDER-HOME>/jre/bin/keytool" -importcert -keystore "<PROVIDER-HOME>/config/internal/server/keystore" -alias <your-cert-alias> -file "<PROVIDER-HOME>/config/internal/server/<your-cert>.crt" -storepass <password>
Team Center - Blank Page after Login, Status code 503, SSLHandshakeException
https://knowledge.broadcom.com/external/article/125671/team-center-blank-page-after-login-stat.html