Skip to Content
Author's profile photo Former Member

AS Java Initial Load with HTTPs

In order to encrypt the communication between IDM and AS Java during the Initial load or any other jobs, you may want to use HTTPs instead of HTTP for a JAVA server. However, if you choose the https protocol, you may get an error in Initial Load job. Error message looks like this PKIX path building failed: unable to find valid certification path to requested target


This is because the Java‘s server certificate is not trusted by your IDM java program.  All you need to do is to add server’s (or root) certificate into JRE’s default trust store.

The JRE’s trust store is located under jre/lib/security. The file name is cacerts without extension.

Try command

keytool -importcert -file RootCA.crt -keystore cacerts


re-run the job. You will find the error is gone.

There are other ways to solve the problem. But I guess this is the easiest. The solution is also suitable for communicate with any other HTTPs server or LDAPs server.

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.