TRKD API certificate
I was working with TRKD using Java and keep getting this exception error:
com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:132) com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:153)
The reason for getting “unable to find valid certification path to requested target” error is that the TRKD API certificate is not included in the trusted store used by your Java runtime.
You need to add the certificate into the trusted store in order to fix the issue. For this purpose you can use the standard keytool.exe utility from JDK (%JDK_HOME%\bin folder) installation. Below is a walkthrough on how to do this:
1. Download TRKD API certificate and save in locally in DER format:
2. Run keytool with the following parameters:
keytool.exe –importcert –file “[path_to_saved_cert]” –keystore “[path_to_keystore_file] –alias [alias_name]”
Examples.
In case of JDK keystore file is located in “%JDK_HOME%\jre\lib\security\cacerts”:
keytool.exe –importcert –file “D:\trkd.cer” –keystore“d:\runtime\jdk_1_6\jre\lib\security\cacerts” –alias trkd_cert
In case of JRE keystore file is located in “%JRE_HOME%\lib\security\cacerts”:
keytool.exe –importcert –file “D:\trkd.cer” –keystore “d:\runtime\jre_1_6\lib\security\cacerts” –alias trkd_cert
Default password for cacerts keystore is "changeit" without quotes.
We recommend to add TRKD certificate into both JDK and JRE installations as your IDE and standalone application (application server) may use different runtimes.
Also, in case of using an application server, please make sure that it doesn't have some internal keystore different from the default one (e.g. IBM WebSphere AS). If so, please follow the instructions how to import certificate for your particular application server.