PKIX path building failed:

tessari · April 3, 2020, 5:17pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

It produced this output:

nested exception is:
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by CN=DST Root CA X3, O=Digital Signature Trust Co. is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error

stevenzhu · April 3, 2020, 10:21pm

Hi,

What are you trying to do?

Thank you

schoen · April 3, 2020, 10:31pm

This usually means that you’re missing the intermediate certificate, which is currently one of these

and is automatically provided to the Let’s Encrypt client when the certificate is issued (Certbot, for example, saves it into chain.pem and also fullchain.pem).

As @stevenzhu’s question indicates, we can’t help you further unless we understand more context about your problem.

system · May 3, 2020, 10:31pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.