SDM uses SSO for authentication (works as expected). If NTLM authentication is enabled for SSO in Service Catalog, login works as expected. However, after that, communication from SC to SDM fails whenever SC is recycled: it will not retrieve the request categories in a form. One must first run a test connection for SDM from Catalog before attempting to access Category content.
Release : 17.2 and higher
Component : SDM - Catalog
In the view.log, one may find:
20XX/XX/XX XX.XX.XX.XXX ERROR [https-jsse-nio-8443-exec-20] [FetchSDMIncidentAreasPlugin] Error occurred while getting incident areas; nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
20XX/XX/XX XX.XX.XX.XXX ERROR [https-jsse-nio-8443-exec-20] [CatalogHostService] Unexpected exception while calling plugin:com.sun.proxy.$Proxy131
The cause is that the certificates used by the OpenJDK that Catalog runs on need to be updated with the SDM SSL certificate. The telltale sign is the "unable to find valid certification path to requested target" message in the view.log against "FetchSDMIncidentAreasPlugin".
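To check a view.log for this telltale sign, the following added example (not part of the original article or the product) groups each timestamped entry with its nested exception lines and reports only PKIX failures logged against FetchSDMIncidentAreasPlugin. The record layout is assumed from the excerpt above, and the sample lines are constructed.

```python
import re

# Start of a view.log record: timestamp, level, [thread], [component], message.
RECORD = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}\.\d{2}\.\d{2}\.\d{3}) (?P<level>[A-Z]+) "
    r"\[(?P<thread>[^\]]+)\] \[(?P<component>[^\]]+)\] (?P<msg>.*)$"
)
PKIX_MARKER = "unable to find valid certification path to requested target"
PLUGIN = "FetchSDMIncidentAreasPlugin"


def parse_records(lines):
    """Group lines into records; lines without a timestamp (the nested
    exception text) are appended to the record that precedes them."""
    records = []
    for line in lines:
        line = line.rstrip("\r\n")
        m = RECORD.match(line)
        if m:
            records.append(m.groupdict())
        elif records and line.strip():
            records[-1]["msg"] += "\n" + line.strip()
    return records


def find_truststore_failures(lines):
    """Return ERROR records from the SDM plugin that carry the PKIX marker."""
    return [
        r for r in parse_records(lines)
        if r["level"] == "ERROR" and r["component"] == PLUGIN
        and PKIX_MARKER in r["msg"]
    ]


# Constructed sample: timestamps, the INFO line and the ConnectException entry
# are invented; the two PKIX-related entries are modelled on the excerpt above.
SAMPLE = """\
2024/01/15 09.12.03.101 INFO [main] [CatalogHostService] Service started
2024/01/15 09.14.47.220 ERROR [https-jsse-nio-8443-exec-20] [FetchSDMIncidentAreasPlugin] Error occurred while getting incident areas; nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024/01/15 09.14.47.221 ERROR [https-jsse-nio-8443-exec-20] [CatalogHostService] Unexpected exception while calling plugin:com.sun.proxy.$Proxy131
2024/01/15 09.20.10.005 ERROR [https-jsse-nio-8443-exec-3] [FetchSDMIncidentAreasPlugin] Error occurred while getting incident areas; nested exception is:
java.net.ConnectException: Connection refused
""".splitlines()

if __name__ == "__main__":
    for rec in find_truststore_failures(SAMPLE):
        print(rec["ts"], rec["thread"], "-> SDM certificate not trusted by Catalog JVM")
```

A plugin error whose nested exception is something other than the PKIX failure (the constructed "Connection refused" entry) is not reported, since a trust store change would not address it.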
Access the SDM Server URL and export the certificate from the browser as a DER encoded binary X.509 cert file named "sdmcert.cer".
On the Catalog server, locate the "cacerts" keystore file in the Catalog install folder's embedded/jdk/lib/security directory and use the keytool utility to import the above sdmcert file into the "cacerts" keystore.
keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias sdmcert -file c:\sdmcert.cer
viewService.conf needs to be edited (in Catalog install dir/view/conf), and the following two lines were changed:
wrapper.java.additional.10=-Djavax.net.ssl.trustStore="C:\Program Files\CA\Catalog\embedded\jdk\lib\security\cacerts"
wrapper.java.additional.10=-Djavax.net.ssl.trustStorePassword=changeit
With the above changes, recycling Catalog no longer requires a "test connection" for SDM from Catalog. One can go right into Catalog and access SDM categories in the offering, correcting the issue.