PKIX path building failed error with opening URLs via var urlObject in Aria Automation Orchestrator

Article ID: 378274

Products

VMware Aria Suite
VMware vRealize Automation 8.x

Issue/Introduction

  • After upgrading Orchestrator from version 8.11.2 to 8.16.0, we tried to use a workflow that gets information from URL addresses, as below:

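    // Fetch the Orchestrator "about" endpoint; replace FQDN with the appliance host name.
    var urlObject = new URL("https://FQDN/vco/api/about");
    try {
        // getContent() performs the HTTP GET; TLS trust failures surface here.
        var result = urlObject.getContent();
        System.log(result);
    } catch (e) {
        System.log(e);
    }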

  • A PKIX path building error is seen in the log section of the UI after running the workflow:

    infoInternalError:
    HTTP GET error : PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Environment

Aria Automation Orchestrator 8.16

Cause

After the upgrade, Aria Automation Orchestrator was referencing an incorrect certificate truststore.

Resolution

The issue is resolved in the Aria Automation Orchestrator 8.16.1 release.

Workaround:

Before proceeding, make sure to snapshot the Orchestrator appliances.

  1. Get the name of the vco-app pod:

    kubectl -n prelude get pods | grep vco-app

  2. Log in to the pod's vco-server container:

    kubectl exec -it -n prelude vco-app-### -c vco-server-app -- /bin/bash

    Replace ### with the container id returned in step 1.

  3. Modify the setenv.sh file:

    nano /usr/lib/vco/app-server/bin/setenv.sh

  4. Find the "#vRO system properties" section and add these 2 lines:

    -Djavax.net.ssl.trustStore=$(VCO_INSTALL_PATH)/app-server/conf/security/jssecacerts \

    -Djavax.net.ssl.trustStorePassword=$(KS_PASSWORD) \

  5. Run the kill command to kill the process and restart it:

    kill 1

This change does not persist across container restarts.
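
Because the workaround is lost on a container restart, it helps to be able to check whether a running JVM still carries the two flags from step 4. The script below is an added example, not part of the original article or of the product; the function names are hypothetical, and it assumes the JVM arguments can be read from a /proc/<pid>/cmdline-style file inside the vco-server-app container. It reports the trustStore path but never echoes the trustStorePassword value.

```shell
#!/bin/sh
# Added example (not VMware code): check a JVM command line for the two
# truststore flags from step 4. Input is a /proc/<pid>/cmdline-style file,
# i.e. arguments separated by NUL bytes.

# Print the value of the -D<name>=<value> JVM argument; return 1 if absent.
jvm_property() {
    tr '\0' '\n' < "$1" | awk -v p="-D$2=" '
        index($0, p) == 1 { print substr($0, length(p) + 1); found = 1; exit }
        END { exit !found }'
}

# Print one status line for the given cmdline file; return 0 only when both
# flags are present and the truststore file is readable.
truststore_status() {
    cmdline_file=$1
    store=$(jvm_property "$cmdline_file" javax.net.ssl.trustStore) || {
        echo "missing-truststore-flag"; return 1; }
    # Presence check only: the password value is discarded, never printed.
    jvm_property "$cmdline_file" javax.net.ssl.trustStorePassword >/dev/null || {
        echo "missing-password-flag"; return 1; }
    [ -r "$store" ] || { echo "truststore-not-readable:$store"; return 1; }
    echo "ok:$store"
}

# Constructed sample command line (not captured from a real appliance).
demo=$(mktemp)
printf '%s\0' java \
    -Djavax.net.ssl.trustStore=/nonexistent/jssecacerts \
    -Djavax.net.ssl.trustStorePassword=constructed-value > "$demo"
truststore_status "$demo" || true
rm -f "$demo"
```

On an appliance, the function would be pointed at the cmdline file of the Orchestrator Java process; any status other than `ok:` after a restart means the workaround has to be reapplied.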