TeamCity java agent can't connect to Letsencrypt enrypted endpoint even with Java keystore trusting full chain


Hello. We’ve moved our TeamCity instance to Let’sEncrypt certs and its working great. Except for the fact that our CentOS based build agent still throws SSL handshake error like this:

[2016-11-23 20:11:42,228] INFO - buildServer.AGENT.registration - Registration using ‘xml-rpc’ failed: jetbrains.buildServer.xmlrpc.RemoteCallException: Call ‘’, method ‘buildServer.registerAgent3’ failed: PKIX path building failed: unable to find valid certification path to requested target

There is an SSLPing test java app available to test access to host from Java (, and it confirms it can connect just fine.

I am sure build agent is using the same Java as set up in the system. What could be the reason for such behaviour of the build agent code.


Fixed it. JAVA_HOME was not set to an updated version of Java that was being used.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.