Introduction

If you are using your own integration with the use of API, sometimes you might report an issue with SSL certification, accompanied by the following error message in your logs, as part of a bigger error stack. More specifically, the error in question is related to the connection failing during the SSL handshake.

Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://api.xtm-cloud.com/project-manager-gui/services/v2/projectmanager/xop/XTMWebService: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 

As a result, you are unable to perform any API calls, which prevents you from creating new projects or importing completed projects back to your integration.

Possible causes of the issue

Most probably, the root cause of the issue lies on the side of your own integration, in which you might have either faultily built your integration or not updated your SSL certificate in compliance with global standards.

On one hand, the PKIX Path Building Failed error shown in the log might lead you to the following Attlasian article, which might help find the actual root cause of the issue and resolve the problem: Unable to Connect to SSL Services Due to 'PKIX Path Building Failed' Error in Jira Datacenter and Server.

However, the issue usually lies in your application’s java certificate store, where your SSL certificate is simply not updated.

On the XTM Cloud side, the SSL certificate is updated every 3 months, in accordance with a global standard practice, and it is done automatically.

Find the article below for more information: Why ninety-day lifetimes for certificates?. Keep in mind that this is not something XTM can add an exception to, as it is out of our control and more of a requirement imposed by the certificate authority.