Similar behavior here,
- PDI versons 7.1 and 8.0.
- Trying to connect to third party's api.
- Running in a server with no root rights
We have a .cert file with the needed certificate, and created brand new keystore file using keytool command.
- keytool -import -trustcacerts -keystore newKeystore -storepass changeit -alias api.domain.com -file certificate.cer -noprompt
JKS file was configured in SSL tab but nothing changes, same error was thrown:
- javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
we repeated the process, this time in a local machine, adding .cert file to default Java keystore file (root needed, so no possible in production environment, but we did it anyway with test purposes)
- keytool -import -trustcacerts -keystore ${JAVA_PATH}\jre\lib\security\cacerts -storepass changeit -alias api.domain.com -file certificate.cer -noprompt
Transformation runned and works like a charm, but still not working when setted newKeystore file in SSL tab (of course, cert was deleted from default Java keystore before doing the second test)
Has anyone ever made it work?