I configured the Signer and SSL Certificate in my Pega enviroment.But now, I am getting below error.while configuring a REST connector in Pega

0
votes

We are getting following error while configuring a REST connector in Pega.

SSL/TLS configuration issue detected. Please repair and try again.

Caught unhandled exception: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE is not trusted; internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error

Can someone help ow to check this.

1
javawebspherepega
You might try this if you havent already. Replace "webserver" with whatever remote server you are trying to connect to. ibm.com/support/knowledgecenter/en/SSYGQH_5.5.0/admin/install/…Bruce T.

1 Answers

0
votes

The certificate you're trying to use is not trusted. This means you need to install the root resp. trust certificate as a truststore into the webserver so that the webserver trusts the certificate of your endpoint. That's the same error you sometimes see on your browser when certificates are self signed or expired.

When using Pega you can either deploy the truststore on application server level (that is into your Tomcat, Websphere or Weblogic) or into your PRPC environment.

In PRPC you can create a new Keystore instance with the Records Explorer, Security, Keystore, Create. Then you can upload the jks file and save. This keystore instance has to be referenced on the Connect-REST rule under the headline Security Settings under Truststore.