+ Start a Discussion
Gaurav AgnihotriGaurav Agnihotri 

System.CalloutException: sun.security.validator.ValidatorException

I am trying to integrate Salesforce.com application with Jira Application. I have created a new remote site having Remote Site URL:https://beta.pelco.com:8443
I am using a following call out apex
Http http = new Http();
        HttpRequest req = new HttpRequest();
        req.setEndpoint('https://beta.pelco.com:8443/tasks/rest/api/latest/issue/SUSTAIN-4763'+'&os_username=' + 'testuser' + 
                        '&os_password=' + 'password');
        HttpResponse res = http.send(req);

        // Log the JSON content
        System.debug('JSON Response: ' + res.getBody());

I am getting following error message:
System.CalloutException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
There are two ways to make a callout to Jira Application:
  1. using self signed certificate. 
  2. Two way SSL methord
I used the first method. I downloaded a self signed certificate and gave it to Jira team to install. However, even after installing the applicaiton is not going through.

Any suggestions/recommendations?
You can't use a self-signed certificate when Salesforce is making the callout - you can only use self-signed certificates when jira is calling into Salesforce. From the docs:

--- snip ---

Salesforce acting as the client

When sending outbound messages, delegated authentication requests or Apex callouts to secure/SSL endpoints(e.g. https://myintegration.acme.com), a Salesforce.com organization (acting as the client) will only trust the target host (that will act as the server) if this presents a certificate signed by a root Certification Authority (CA) included in the list shown in the below link. In other words, in this scenario self-signed certificates are not allowed to be used by the target host.

--- snip ---