Question

Java Soap Request error: unable to find valid certification path to requested target

0

Hello! I really need some of your expert advise, because at this moment I get stuck. The situation is as followed. I try to connect with a SOAP web service, which is working perfectly with SOAP UI. But in Mendix the Java call is giving me the following result in the attached printscreen. unable to find valid certification path to requested target Caused by: com.mendix.systemwideinterfaces.MendixRuntimeException: java.security.PrivilegedActionException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.mendix.integration.util.PrivilegedUtil$$anonfun$withPrivileged$2.applyOrElse(PrivilegedUtil.scala:17) I did make a working SOAP request before, but I truly do not know how to solve this issue. I attached a word document with various printscreens, which you could use to clear out the obvious… I hope you all can help!

asked 2020-08-07

Dennis Bemer

2 answers

Sjors Schultz · Answer 1 · 2020-08-07

Hi Dennis,

I just encountered your error the other day. This was on a call from Mx8 to KvK endpoint . It was working fine in Mx7.

What I did is find the certificate which is used by the endpoint, usually if you use your browser to go the wsdl en click on the lock in the address bar. There you can save the certificate in DER format. Save the certificate and upload locally in your Project > Settings > Certificates.

I think it has something to do with the Mendix (java) keystore which doesn't have this root certificate (yet).

An example from my solution:

Martijn Rijneveen · Answer 2 · 2020-08-07

Hi Dennis,

I assume you do not need any certification, since you got it working in SOAPUI already. If you want to let the modeler know that it should not look for a client certification you can change your custom settings in the projectsettings.

To do that go to project module > settings > configurations > create a new config > Custom

Here you can set custom runtime settings. For this problem you will need to set the “NoClientCertificateUsages” (see also this link for more information and other options). As a value you will set the exact path to you webservice like this: Myfirstmodule.MyWebservice

Hope this helps!

Martijn Rijneveen