'javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path' error when testing a RESTful Web Service AFX Connector in RSA Identity Governance & Lifecycle

• Connector in a Running state:

 

• Output from a test of the connector:

• Accessing the same URL via a REST/SOAP tool has no issues:

1. Launch Firefox.
2. Open the URL being accessed by the AFX RESTful web service connector.
3. In the left-hand corner, click on the lock icon or the Info button to see the certificate issuer.
4. Click the > at the right for more details.
5. Click the More Information button.
6. Click View Certificate.  

  

7. Scroll down until you see the Download option:

8. Click on PEM (cert) to download the certificate in PEM format.
9. Import the certificate to the JVM cacert as the root user:

keytool -importcert -alias startssl -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit 
-file <path to the cert saved in step 7a>

10. After importing the certificate, restart the AFX server as the afx user:

afx stop
afx start