Apex Code Development You need to sign in to do that
Don't have an account?
Manto Bundled SSL Certificates: PKIX path building failed
I am trying to a callout to one of our webservice from my class. The call returns with exception : PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
A bit of googling gave me this link : https://help.salesforce.com/articleView?id=000326722&type=1&mode=1 and it says Salesforce's certificate trust policy is to require server and client certificate chains to include all intermediate certificates that exist between the server or client certificate and the chain's root certificate. When I spoke to our infra team, they say all certficates are bundled in same file, so they cant do any thing more than that. We have several systems working fine with this setup and this is first time Salesforce is trying to consume a webservice. I am not an expert in this certoificates stuff, can someone who has some insigths help me out please. Out certificate chain is below
Root: QuoVadis Global Root CA 2 G3 //In SF SSL CA list
Intermediate: QuoVadis Global SSL ICA G3
bottom: our own certificate
Infra team says all these 3 are bundled in same file to avoid any issues. Any idea how can i proceed?
A bit of googling gave me this link : https://help.salesforce.com/articleView?id=000326722&type=1&mode=1 and it says Salesforce's certificate trust policy is to require server and client certificate chains to include all intermediate certificates that exist between the server or client certificate and the chain's root certificate. When I spoke to our infra team, they say all certficates are bundled in same file, so they cant do any thing more than that. We have several systems working fine with this setup and this is first time Salesforce is trying to consume a webservice. I am not an expert in this certoificates stuff, can someone who has some insigths help me out please. Out certificate chain is below
Root: QuoVadis Global Root CA 2 G3 //In SF SSL CA list
Intermediate: QuoVadis Global SSL ICA G3
bottom: our own certificate
Infra team says all these 3 are bundled in same file to avoid any issues. Any idea how can i proceed?
Use this link https://www.sslshopper.com/ssl-checker.html and check where the certificate chain is broken or not?
And the below article will guide you on how to merge the certificate chain,
https://help.salesforce.com/articleView?id=000333504&language=en_US&type=1&mode=1.
If this answers your query select this as the best answer.
Regards,
Salesforce Support.
Many thanks for your response. I am doing a callout to another webservice, not creating a webservice in Salesforce . Do I need to create a merged cetificate and upload it in salesforce in this case?
Thanks,
Manoj