+ Start a Discussion
OnlineQOnlineQ 

Apex callout certificate problem: PKIX path building failed…

I'm trying to connect to an external SOAP web service from my Salesforce environment. HTTP callouts fail with:

 

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 

My code for connecting to the endpoint looks like this:

HttpRequest request = new HttpRequest();
request.setEndPoint('https://the-endpoint-url?wsdl');
request.setMethod('POST');
request.setHeader('Content-Type', 'application/soap+xml; charset=UTF-8');

Http h = new Http();
HttpResponse response = h.send(request);

 When I go to the web service endpoint in my browser, it indicates that the service's SSL certificate is valid. Why exactly is Salesforce unable to connect to the endpoint?

 

I have noticed the the certificate in question is issued by RapidSSL, a CA that is not listed on http://wiki.developerforce.com/page/Outbound_Messaging_SSL_CA_Certificates. Could this be a problem? If so, how can I add support for RapidSSL certificates? Unfortunately, the external web service is not owned by me, so I cannot change its certificate.