function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

Bundled SSL Certificates: PKIX path building failed

I am trying to a callout to one of our webservice from my class. The call returns with exception : PKIX path building failed: unable to find valid certification path to requested target

A bit of googling gave me this link : and it says Salesforce's certificate trust policy is to require server and client certificate chains to include all intermediate certificates that exist between the server or client certificate and the chain's root certificate. When I spoke to our infra team, they say all certficates are bundled in same file, so they cant do any thing more than that. We have several systems working fine with this setup and this is first time Salesforce is trying to consume a webservice. I am not an expert in this certoificates stuff, can someone who has some insigths help me out please. Out certificate chain is below
Root: QuoVadis Global Root CA 2 G3 //In SF SSL CA list
Intermediate: QuoVadis  Global SSL ICA G3
bottom: our own certificate
Infra team says all these 3 are bundled in same file to avoid any issues. Any idea how can i proceed?
AbhishekAbhishek (Salesforce Developers) 
Hi Manto,

Use this link and check where the certificate chain is broken or not?
And the below article will guide you on how to merge the certificate chain,

If this answers your query select this as the best answer.

Salesforce Support.

Hi Abhishek,
Many thanks for your response. I am doing a callout to another webservice, not creating a webservice in Salesforce . Do I need to create a merged cetificate and upload it in salesforce in this case?

AbhishekAbhishek (Salesforce Developers) 
Manto yes you have to create a merged certificate and then upload as mentioned in the above article.