I use wso2 identity server as a KeyManager of wso2 API manager that run in two different machine. after running two server there is a error in wso2 API manager :
ERROR {org.wso2.carbon.apimgt.rest.api.util.exception.GlobalThrowableMapper} - An unknown exception has been captured by the global exception mapper. feign.RetryableException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed executing GET https://IdentityServerIP:9444/oauth2/token/.well-known/openid-configuration
at feign.FeignException.errorExecuting(FeignException.java:249)
I am following this link to do this and using MSSQL Server as shared database.
You need to import the Identity Servers public cert to API Manager client-trustore.
Export the cert from IS
keytool -export -alias wso2carbon -keystore wso2carbon.jks -file <public key name>.pem
Then in your APIM server, import the public key that you extracted to the client-trustore.
keytool -import -alias iskey -file <public key name>.pem -keystore client-truststore.jks -storepass wso2carbon