Solved: Re: connect to https REST API

SV_8161180 · ‎Jan 19, 2018

Hello,

I have a thing which has multiple services that call REST API's.

Script is:

var url = 'https://url_to_api/api/controller/Action?param1=' + INPUT1 + '&userName=' + User;

var params = {

url: url /* STRING */,

};

var result = Resources["ContentLoaderFunctions"].GetText(params);

the url used to be HTTP and everything worked great.

Now the url is https and when I test my service I get the following error:

Wrapped javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Cause: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Does anybody know what I have to do to get this working.

jrajesh · ‎Apr 05, 2018

Hi,

I had to give the following to tomcat configuration Java options and only then it worked:

-Djavax.net.ssl.trustStore=C:\Program Files\Java\jre1.8.0_161\lib\security\cacerts

Thanks and Regards,

Jyothi

View solution in original post

smayer · ‎Jan 22, 2018

Hi Sven

Your rest request is using https, which will suggest you will need to enable ignoreSSLError to true.

var params = {

proxyScheme: undefined /* STRING */,

headers: undefined /* JSON */,

ignoreSSLErrors: true/* BOOLEAN */,

useNTLM: undefined /* BOOLEAN */,

workstation: undefined /* STRING */,

useProxy: undefined /* BOOLEAN */,

withCookies: undefined /* BOOLEAN */,

proxyHost: undefined /* STRING */,

url: undefined /* STRING */,

timeout: undefined /* NUMBER */,

proxyPort: undefined /* INTEGER */,

password: undefined /* STRING */,

domain: undefined /* STRING */,

username: undefined /* STRING */

};

var result = Resources["ContentLoaderFunctions"].GetText(params);

SV_8161180 · ‎Jan 23, 2018

I still get the error

smayer · ‎Jan 23, 2018

Have you successfully tried using Postman with this https request?

This could tell us if it is a Thingworx problem or this could be an API certificate issue.

SV_8161180 · ‎Jan 24, 2018

Yes, calls with postman are successful.

Since it is complaining about certificates, could it be I am somehow missing a certificate.

I added all certificates involving the called api to the java keystore.

smayer · ‎Jan 25, 2018

Have you got any further details on your application logs?

SV_8161180 · ‎Feb 01, 2018

Found the error. I was adding the certificates to the wrong keystore.

jrajesh · ‎Apr 03, 2018

Hi,

Which keystore should be used to import the certificate? I used the Java cacerts that ThingWorx tomcat is using. It still does not work for me.

Thanks and Regards,

Jyothi

CRArko · ‎Apr 05, 2018

Hello.

Has this issue been resolved by importing to the correct keystore? If so, can you tell us which keystore was correct, and mark that as an Accepted Solution?

If there are still any problems, let us know that as well.

Thanks!

-- Craig A.

jrajesh · ‎Apr 05, 2018

Hi,

I had to give the following to tomcat configuration Java options and only then it worked:

-Djavax.net.ssl.trustStore=C:\Program Files\Java\jre1.8.0_161\lib\security\cacerts

Thanks and Regards,

Jyothi