Troubleshooting Tips: Testing APIs published from API Gateway
Error message appears when you test APIs
When the HTTP ports of an API Gateway instance are configured with a self-signed certificate, and if you test an API published from that instance, then the following error message appears.
-1 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Resolution:
Run the following command to add the self-signed certificated used in API Gateway to the Developer Portal truststore in the following location: SAGInstallDir/jvm/jvm/lib/security/cacerts:
keytool -import -trustcacerts -alias alias_name -file certificate_path -keystore cacerts
Sample command
keytool -import -trustcacerts -alias mdecert -file C:\apigw\mdeCert.cer -keystore cacerts
Note:
If SSL exception message appear even after you import the self-signed certificate to the mentioned path, then ensure that the disable-host-name-verifier setting in the application-dev.yml file is set to true. This setting allows you to turn off the host name verification during Developer Portal communication with other systems.