You need to sign in to do that
Don't have an account?
Alen Husanovic
HttpRequest retrying request in response to handshake failure / PKIX path building failed
Hello,
I'm trying to make a callout to the Web Service on the remote location(the port number is 9233). The web service is protected with SSL, and anything that I did so far I got the following exception:
System.HttpRequest retrying request in response to handshake failure: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
System.CalloutException: sun.security.validator.ValidatorException: PKIX path building failedsun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The certificate chain:
The root certificate(GeoTrust Global CA) is trusted by Salesforce however the intermediate certificate (RapidSSL SHA 256 CA) is not on the list of trusted certificates. I tried to import the security certificate chain into Salesforce and then assigning that certificate to remote domain but that did not make any changes.
Is there any way that I can confirm that the exceptions that we get are related to SSL setup on the remote machine and to the Salesforce setup?
Looking forward to any help on this issue.
I'm trying to make a callout to the Web Service on the remote location(the port number is 9233). The web service is protected with SSL, and anything that I did so far I got the following exception:
System.HttpRequest retrying request in response to handshake failure: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
System.CalloutException: sun.security.validator.ValidatorException: PKIX path building failedsun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The certificate chain:
The root certificate(GeoTrust Global CA) is trusted by Salesforce however the intermediate certificate (RapidSSL SHA 256 CA) is not on the list of trusted certificates. I tried to import the security certificate chain into Salesforce and then assigning that certificate to remote domain but that did not make any changes.
Is there any way that I can confirm that the exceptions that we get are related to SSL setup on the remote machine and to the Salesforce setup?
Looking forward to any help on this issue.
- You create/add the certificate in Salesforce (like this (https://www.salesforce.com/us/developer/docs/apexcode/Content/apex_callouts_client_certs_generate.htm" target="_blank))?
- Then you call out using the certificate (like this (https://www.salesforce.com/us/developer/docs/apexcode/Content/apex_callouts_client_certs_http.htm" target="_blank))?
- Also make sure that your certificate is valid according to this list. (http://https://success.salesforce.com/ideaView?id=08730000000JziE" target="_blank)
Still, if the problem persists may I suggest you please raise a case with salesforce support team which might be the best option.You may reach salesforce support team below:
- http://support@salesforce.com
Thanks,Nagendra.
did your problem resolve?
It was an issue on the remote site where SSL certificate was not set up correctly and it was not an issue on Salesforce Side. Thanks to @Nagendra on related articles.
Thank you,
Alen