Rundeck Job Notification Webhook Error: Error making request: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

440 views
Skip to first unread message

Zion

unread,
Oct 26, 2020, 9:36:24 AM10/26/20
to rundeck-discuss
Hi, I have a job that uses notifications Webhook. The webhook is a Rundeck API. Here what my notification looks like:   
Screenshot 2020-10-26 175453.png
The whole error in rundeck.log is this:  
ERROR services.NotificationService [quartzScheduler_Worker-6] - Notification failed [onsuccess,succeeded,238621]; URL https://client-dns/api/33/job/cd3b3a1b-90c9-4c99-bf29-46c5aad1b4ff/run?authtoken=6XpW50hvZoPUTtlwucKGJ7ERKOxeJCTR&option.rd_exec_id=238621: Unable to POST notification after 1 tries: success for execution 238621 (succeeded): Error making request: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 

How can I fix this issue? I've successfully configured SSL in my Rundeck Instance. The Certifacate and PFX is from the client. I used this link as reference for the configuration of SSL. Thanks in Advance to those who will help!

rac...@rundeck.com

unread,
Oct 26, 2020, 9:40:00 AM10/26/20
to rundeck-discuss
Hi Zion,

Check the both ways to do solve it, a good way is to add the service cert to your java cacert or add the service cert to Rundeck's truststore. Take a look at this to follow up.

Regards.

Zion

unread,
Oct 26, 2020, 9:46:51 PM10/26/20
to rundeck-discuss
Hi, I'm using Rundeck Over SSL. but I did not follow the documentation in Rundeck. I used a different guide to implement SSL I've mentioned above. I already imported the certificate or the .cer file to my truststore file. Does the naming convention matters? because In the guide i've been following they renamed their truststore to ca and I've also done the same. By the way here is the command in the guide for importing the certificate to the trusstore file: " keytool -import -alias ca -file /etc/rundeck/ssl/lab-ca-der.cer -keystore /etc/rundeck/ssl/ca -storepass password"

Zion

unread,
Oct 26, 2020, 11:27:52 PM10/26/20
to rundeck-discuss
Hi, Thanks. I've fixed the issue. What I did is I imported my certificate to the java cacerts and after importing I restarted my server and the webhook is working now. 
Reply all
Reply to author
Forward
0 new messages