Search code examples
javasslosgiaemkeystore

AEM 6.5 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException


I have been struggling with getting AEM instances to work with the certs/keys generated by a trusted source. I am following the /libs/granite/security/content/sslConfig.html wizard and AEM tells me everything is configured properly. I then try going to access my instance over https in my browser (incognito window) on my new port and my certificate is recognized by my browser. Finally I go to my replication agent on Author and update the configuration to use the same exact https URL/Port I just tested in my browser that worked minutes before and a simple test of that newly updated agent spits out the following error message:

Replication test failed
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I have double checked the ssl-service and can see my cert/key is correctly installed there. If anyone has an idea why the replication agent is acting this way and how to fix it I'm open to suggestions.

Thanks


Solution

  • Is it a local cert? Look at the Transport tab, then choose Relaxed. Let me know if that helps.