How do I configure the AAI Automic Connector to communicate with the Automic REST API via HTTPS?
If adding an Automic Scheduler to AAI that runs HTTPS, you may see the error below when starting the automic-connector service.
ERROR [AutomicProcessingTrigger] (AXk9Ivu3J4M=) - Error occurs during emitting events
javax.ws.rs.ProcessingException: RESTEASY004655: Unable to invoke request: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.jboss.resteasy.client.jaxrs.engines.ManualClosingApacheHttpClient43Engine.invoke(ManualClosingApacheHttpClient43Engine.java:287) ~[resteasy-client-4.5.6.Final.jar!/:4.5.6.Final]
Release : 6.3.1
Component : AUTOMIC AUTOMATION INTELLIGENCE INTEGRATION FOR AWA
1. Obtain the certificates for the Automic Rest API and AWI(if different servers).
To obtain the Automic Rest API Certificate, you can load the Automic REST API URL in a browser, and click on the Lock Icon to the left of the URL to view the certificate, then copy to file and save as a .cer file.
2. If the certificate is a signed trusted certificate, and has a root and intermediate certificate in the Certificate Path tab, select each certificate, and select "View Certificate" and the copy each certificate to a .cer file.
3. Verify the version of Java that the Automic Connector is using is set in the %JAVA_HOME% or $JAVA_HOME
On Windows run:
On Linux run:
If it is not set, please set the JAVA_HOME variable to point to the java version that will run the connector.
Got to Start->Settings->Search for "Edit Environment Variables for your account" in the search bar.
Under "System Variables" select "New" and add JAVA_HOME like below:
On Linux run:
4. Verify that the Java version that will be running the connector, and that is in the JAVA_HOME variable, is the only JAVA in the system path in the Edit Environment Variables window from step 3.
If there are other versions of java in the System PATH environment variable, remove them or move the correct path to the Java*\jre\bin directory to the front of the PATH variable.
5. Import each the Automic REST API certificate using keytool into:
. ($JAVA_HOME/jre/lib/security/cacerts on Linux
Import the Automic API server certificate like below using the certificate name and a distinct alias for each certificate:
6. Add the Automic scheduler through the AAI v2 website.
The hostname in the REST API URL, should be a fully qualified domain name, and should match the FQDN either in the "Subject" or "Subject Alternative Name" fields within the certificate.
7. Start the automic-connector service.
If on windows you may need to stop the Windows automic-connector service, and start the process by running "java -jar automic-connector*.jar"
To configure the Automic Connector to communicate with AAI via HTTPS follow the steps in the links below: