PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

anon-5 · July 12, 2018, 9:37pm

This thread was migrated from an old forum. It may contain information that are no longer valid. For further assistance, please post a new question or open a support ticket from the Customer Support portal.

This is an #[Informational Post]

When Android application build fails with the following error

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

You will encounter this if you are accessing the internet from your company's proxy.

To resolve this issue ,

1) Download the and pin the leaf certificate of induvidual URLs in the JRE

http://jcenter.bintray.com

https://dl.google.com/dl/android/maven2/index.html

2)The other way to do this is by using a pin intermediate CA of your Organisation. It most probably is the last but one cert from the leaf in the certificate chain from any of the HTTPS URLs accessed.

The following are the steps to add the certificates to the cacerts

1)Open command prompt in administrator mode

2)Type “where keytool” in command prompt

It would return a path something like below

C:\Program Files\Java\jdk1.8.0_112\bin\keytool.exe

3) Then navigate to corresponding version’s “jre\lib\security” folder. Copy and paste the downloaded certificates with .cer extension.

ex: C:\Program Files\Java\jdk1.8.0_112\jre\lib\security

4)Then hit below command

“C:\Program Files\Java\jdk1.8.0_112\jre\bin\keytool” -import -alias <any name which is already not used> -file <downloadedcertificate>.cer -keystore cacerts -storepass changeit

eg: “C:\Program Files\Java\jdk1.8.0_112\jre\bin\keytool” -import -alias ourproxy -file proxy.cer -keystore cacerts -storepass changeit

5)It would prompt for confirmation as shown below , type yes and hit enter

Trust this certificate? [no]:

6)Once you see below message , we are sure that certificate is added to our system’s trust store. Now you should be able to access the URLs which were previously denied/untrusted.

Trust this certificate? [no]: yes

Certificate was added to keystore

anon-6 · July 17, 2018, 2:22am

Thanks for sharing the knowledge @Dvnni Smith

anon-6 · October 1, 2018, 9:59pm

hi, i am stll facing issue while accessing url from local account can u help

anon-6 · January 2, 2019, 12:42am

since last 1 week, I am facing similar issue with cloud login in Visualizer 8.3.6,

HTTP POST on https://accounts.auth.konycloud.com/login failed . Details - sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Login failed. Please check logs for more details.

The see many links available in URLs provided in above points 1 and 2.

Could you please mention the right certificate name to be downloaded from

http://jcenter.bintray.com

https://dl.google.com/dl/android/maven2/index.html

Thanks

anon-6 · January 2, 2019, 10:27pm

@Felicity Bviley can you please take a look at this issue? Thanks!