If you get an error when making a connection to a remote server (for example using $.GET()) with the following error message it might look that there is something wrong or malicious going on with the SSL certificate of the remote server.
PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
But maybe the SSL certificate is simply not included in the default java trust store. If you trust(!) the certificate there is a simple fix for this…
An easy way to check if the certificate is not trusted is by using an SSL checker (for example https://www.sslshopper.com/ssl-checker.html). If this is the case then you can add the certificate of that authority to the java trust store following these steps:
- Go to the certificate issuers website and download the missing domain validation certificate
- Import the certificate into the java trust store named
cacerts(in Ubuntu the trust store file is located in/etc/ssl/certs/java/)
cd $JAVA_HOME/lib/security
keytool -import -trustcacerts \
-alias ALIAS_FOR_YOUR_CERTIFICATE \
-file /path/to/your/downloaded/certificate/certificate.crt \
-keystore cacerts - The keystore password is
changeit(if you did not change it 😉 )
No need to restart the Structr instance - if you imported the correct certificate the next request should work fine.