Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED

Invoking the Secure Protocol RestService from OSGI Client (AEM is in http protocol) not working.

Avatar

Level 2

Hi,

I have osgi client which invokes secure(https) rest-service through rest-template.

When I am Testing the Client through main program I am able to invoke the rest-service Successfully.

I have imported the certificates in cacerts under java_home/jre/lib/security to invoke the service successfully from osgi client.

But When I have installed osgi client in felix .Its Not able to invoke the service and Following Exception Occurs:

":sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:498)
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:446)
    at org.springframework.web.client.RestTemplate.postForObject(RestTemplate.java:294)
    at com.phh.restfulservice.RestClientHandlerImpl.invokeRestService(RestClientHandlerImpl.java:52)

 

AEM is running on same JAVA_HOME.

1. can we invoke the secured protocol (https) service from non secured protocol( Aem )

2. Do I need to do any Additional configuration in AEM.

3.Is it necessary to ENABLE https in AEM also?

 

NOTE : my rest-service is deployed in Tomcat.

 

Thanks and Regards,

Rahul Jain

1 Accepted Solution

Avatar

Correct answer by
Level 10

certification is not imported in your java keys. Please follow  http://nodsw.com/blog/leeland/2006/12/06-no-more-unable-find-valid-certification-path-requested-targ...

Generally mistake done are  While adding a certificate in the url you will append extra space.

No additional configuration needed in aem and also no need to enable https for your functionality. 

Many times it is different jre & forking cause issue. Just debug from jre perspective right jre certificate is used Or explicitly configure in startup script to use custom store. 

View solution in original post

1 Reply

Avatar

Correct answer by
Level 10

certification is not imported in your java keys. Please follow  http://nodsw.com/blog/leeland/2006/12/06-no-more-unable-find-valid-certification-path-requested-targ...

Generally mistake done are  While adding a certificate in the url you will append extra space.

No additional configuration needed in aem and also no need to enable https for your functionality. 

Many times it is different jre & forking cause issue. Just debug from jre perspective right jre certificate is used Or explicitly configure in startup script to use custom store.