PKIX Path Building Failure

From Protocase Designer Documentation
Revision as of 18:21, 14 July 2025 by Cduffney (talk | contribs)

Jump to: navigation, search

Network Requests Fail with Certificate Error (PKIX Path Building Failed)

Some customers may encounter the following error when using features in ProtocaseDesigner that make outgoing network requests:

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException

This error occurs when Java is unable to validate the SSL certificate presented by the server you're connecting to. ProtocaseDesigner is packaged with its own embedded Java runtime (JRE). This JRE included a bundled certificate store (cacerts) that does not automatically include custom or system-installed certificates.

If your organization uses a custom internal certificate authority (CA) OR intercepts HTTPS traffic (e.g., via a proxy or firewall with SSL inspection), the Java runtime may reject the certificate because it doesn't recognize it as trusted.

Workaround

Until a permanent fix is available, you can resolve this issue by manually adding your organization's certificate to the Java runtime's certificate store bundled with our application.

🔧 Steps to Add a Custom Certificate:

  1. Locate the Java cacerts file:
    • Windows:
      • C:\Users\<USERNAME>\AppData\Local\ProtocaseDesigner\runtime\lib\security\cacerts
    • MacOS:
      • Applications\ProtocaseDesigner.app\Contents\runtime\COntents\Home\lib\security\cacerts
    • Linux (DEB):
      • [AppInstallDir]/runtime/lib/security/cacerts
  1. Import your organization's certificate:
   keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt \
     -alias yourcompany-cert -file /path/to/your/certificate.crt

   Restart the application.

   Note: The default password for the cacerts keystore is usually changeit.

Permanent Fix (Coming Soon)

We are actively working on a permanent solution that allows our application to automatically trust certificates from the system’s certificate store. This will eliminate the need for manual configuration in future versions. Need Help?

If you're unsure how to obtain or install your organization's certificate, please contact your IT or network security team.

You may also contact our support team at [support@yourcompany.com] for assistance.

Retrieved from "https://www.protocasedesigner.com/wiki/index.php?title=PKIX_Path_Building_Failure&oldid=4990"