PKIX path building failed

Document ID : KB000107767
Last Modified Date : 24/07/2018
Show Technical Document Details
While running actions that execute against https urls I get: PKIX path building failed: unable to find valid certification path to requested target.
CA Release Automation Agent v5.x and 6.x
The CA Release Automation Agent will generate the error message (also seen in the nolio_all.log) when it tries to access an https site that it does not have a certificate for (needed to establish a proper SSL handshake). 
  1. Download the certificate from the site in question.
  2. If necessary, convert the certificate obtained in step #1 into an x509 format that can be imported into a java keystore (see additional info section below).
  3. Import the certificate into the agents java keystore. You can do this by opening a command prompt on the artifact retrieval agent machine and:
    1. cd <NolioAgentInstallationFolder>
    2. jre/bin/keytool -importcert -file <fileFromStep2> -keystore jre/lib/security/cacerts -alias <aliasNameOfYourChoosing>
  4. Restart the agent service.
Additional Information:

Regarding Step 2 (in the resolution section), please note the following keytool guidelines for importing certificates: