webMethods

webMethods

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Openshift: Error while connecting to API Gateway from API portal in Openshift containers

  • 1.  Openshift: Error while connecting to API Gateway from API portal in Openshift containers

    Posted Mon February 03, 2025 01:58 AM

    We have recently added a load balancer and when I am trying to execute an API from API Portal i am getting the below error

    We are on 10.15 and our API Portal is hosted on OpenShift.

    -1 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    I tried to add the add the certificates to /opt/softwareag/jvm/jvm/lib/security/cacerts but no luck with that.

    We have recently added a loadbalancer(which is a service) and when I am trying to execute an API from API Portal I am getting the below error

    -1 PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    If I run the same API using postman, I am getting a successful response but when I run the same using portal i get the above error.

    I tried to add the add the certificates(root,Intermediate,Server) to /opt/softwareag/jvm/jvm/lib/security/cacerts but no luck with that. 



    ------------------------------
    Abhijith Parre
    ------------------------------


  • 2.  RE: Openshift: Error while connecting to API Gateway from API portal in Openshift containers

    Posted Wed February 05, 2025 05:32 AM

    I have managed to fix the issue.

    • Downloaded the cacerts file from openshift pod.
    • Downloaded the certificate chain of the new certificate along with root,intermediate and client certificate.
    • Ran the keytool commands as below
      •  keytool -importcert -file "Go Daddy Root Certificate Authority - G2.crt" -keystore cacerts -alias "devportalroot"
      • keytool -importcert -file "Go Daddy Secure Certificate Authority - G21.crt" -keystore cacerts -alias "devportalintermediate"
      • keytool -importcert -file "client.crt" -keystore cacerts -alias "devportalclient"
    • Created a config map in Openshift with the updated cacerts file.
    • Referenced the CAcerts as mount path in stateful sets and restarted the pods and tested it from dev portal and it worked.

    Regards

    Abhijith



    ------------------------------
    Abhijith Parre
    ------------------------------

    Original Message