KrishnaR2370 Member since 2017 9 posts
Citigroup Inc
Posted: 2 years ago
Last activity: 2 years 4 months ago

Certificate invalid path error

Problem Summary –

  • As part of CICD implementation using prpcserviceutils command line tool, we are not able to establish operator connectivity using secure http.

For e.g. – we have used file with contents like below –

  • cat

Image  Must to use secure http URl for UAT and PROD env

  1. The error which we receive while performing product export –
  • Using command - sh export --connPropFile
  • With above command the build fais with error as –

[java] The certificate issued by CN=Citi Root CA G2 UAT, O=Citigroup Inc., C=US is not trusted; internal cause is: [java] Certificate chaining error

[java] Error Messages : REQUEST_EXECUTION_ERROR com.pega.pegarules.serviceclient.exception.PRPCServiceException: PKIX path building failed: unable to find valid certification path to requested target

Steps to reproduce the error –

  • Very much possible – the CICD setup is available on DEV servers and problem can be reproduced when required

Troubleshooting steps performed so far –

  • Ordered JKS certificate and imported on server successfully. No issues here
  • Added following JVMs at WebSphere application server to establish imported JKS connectivity with Pega application and UI (https URL)
  • After updating above JVMs we have restarted the application instance on websphere server. During node startup we get following error –

Present status -

  • CICD pipeline works well with http however it is failing for certificate errors for HTTPS operator connectivity as highlighted above.

Also, the Pega SR – C10592 has been updated with details and awaiting a response.

DevOps SR Exists
Moderation Team has archived post
Share this page LinkedIn