Handling PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException exception in SFDC Callout
Recently i encountered an exception during making a Callout to the external service .Being an apex developer and unfamiliar with SSL concept much with no luck after googling i tried posting the question in stackexchange Stackexchange link.I am thankful to the Martin Peters for helping me on this .
Through this blog post i would like to document few points i learned on cause of this exception and also i will indicate the solution and resources we have that can help us to get rid of this exception
1)First way to identify this exception is if we try to open the URL we are using to make a callout to external system in any browser we will encounter the security exception.The below image shows how our browser will behave once encountering such SSL exception.
2)This happens when the external system we make callout from the salesforce does not have valid SSL certificate
For the JAVA client we have solution on the discussion board .http://boards.developerforce.com/t5/General-Development/PKIX-path-building-failed/td-p/128332
There are two very popular way of implementing authenticated Callouts
1)one-way SSL/certificate security
1)One-Way SSL is easiest implementation :
This blog explains the process for cast iron and i must thank the author of blogger post for such wonderful explanation
So if the external server implements this the problem gets solved straight away.
2)Two-way SSL :
Thanks to the developer.force.com of salesforce that we have an excellent article on how to configure this on salesforce end
We have a list of SSL certifcates that are accepted by salesforce and verified .Here is the link to the document