Overview

You are trying to connect an eBanking app to an endpoint via Placeable API Gateway, but you are getting a certificate error when attempting to do so. 

The exception from the application should be similar to the following:

API,"com.<domain>.cbp.infrastructure.exception.BackendUnavailableException: Backend Unavailable
[
backendSystem = ""placeableRestGateway""
transactionName = 

""com<domain>.ebanking.application.integration.domain.placeable.rest.search.SearchTransitResponseVO""
rootCause = ""SunCertPathBuilderException: unable to find valid certification path to requested target""
destination = ""***""
]

Solution

To resolve the issue, follow these steps:

1. Make sure the SNI (Server Name Indication) is included in the SSL handshake to get back the correct certificate chain for a given endpoint that is hosted behind the Placeable API Gateway. 
   For an OpenSSL handshake for the fictional 'test.example.com' endpoint, it would be:
   openssl s_client -servername test.example.com -connect test.example.com:443

2. Check your Application Servers Trust Store to ensure you have the Root, CA, and Intermediate SSL Certificates in place. If you do not have these certificates, open a support ticket to request the certificates and import them into the store.
   
   
3. Restart the application pool and proceed with retesting to confirm a successful handshake with the Placeable API and an HTTP 200 OK Status.