I'm running my app locally and getting following error when I call external API:
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I understand it is beceause there is a lack of valid specific certficate which I need to add to my JDK. So, I get this from my chrome browser (downloading as a .cer file - Base-64 encoding).
I'm able to add it using keytool:
keytool -import -alias pint -keystore "C:\Program Files\Java\jdk-11.0.11\lib\security\cacerts" -trustcacerts -file pint33.cer
or directly in intelliJ IDEA (Settings -> Tools -> Server Certificates).
And it works, but for a very short term. It seems working for about one call to my app api. When I try to run my app process again I get errors. I can see in my certificate it should be valid until 7/15/22, but this is ignored somehow.
The way to make it working again is to download certficate from browser again, add it to jdk keystore and restart my app.
What is the explanation of this weird behavior? Do I miss something? Or do I do it completely wrong?
