After installing you may find that FileJockey still fails to connect to the Connections API and the following error appears in the FileJockey log: “PKIX path building failed: java.security.cert.CertPathBuilderException: unable to find valid certification path to requested target”. This happens because FileJockey in unable to recognize the ssl certificate of the Connections server, this can happen when the server uses a self-signed certificate or the signer of the certificate is unknown by the Java virtual machine. To make it work the certificate should be added to the Java truststore using the procedure below.

 

The first step is to get a copy of the certificate public key, the easiest way to get access is to open the connections website in Firefox.

Open in Firefox

Next click the lock icon in the address bar, a popup will appear with the site address with an > to the right. Click the > and then the “More Information” button at the bottom. In the following Dialog select the Security tab and click the “View Certificate” button.

2-moreinfodialog

In the next Dialog go to the Details tab and click the export button. Export the public key of the certificate to disk.

Certificate Viewer

Copy the exported .pem file to your WebSphere server to be imported in the truststore.

Open a Command Prompt on the WebSphere server and navigate to the jvm installation in the WebSphere installation directory. You need to go into the lib\security folders within this folder.

%WEBSPHERE_ROOT%\AppServer\java\jre\lib\security

Use the following command to add the certificate to the trust store:

../../bin/keytool -importcert -keystore cacerts -storetype jks -file <path to your .pem datafile> -alias <any unique name>

You’ll be asked for a store password. The default password for the store is “changeit”

The application server needs to be restarted after the procedure for the jvm to pick up the certificate from the truststore.