ssl Security Certificate Issue

Solution for the issue on Local microservice testing Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Certificate issue for Mac and Windows users when opening GKE URLs from UI:

Update Postman Certificate Authority (Mac)

Download the certificate from the web browser

Update CA Certificate for Windows

• Download certificate
• Double-click on certificate → Current User → Select Place all certificates in the following store → Click on Browse → Select Trusted Root Certification Authorities → Click Next → Finish

For Mac double-click and it will install or open Key Chain Access

Export the certificate from Keychain access and Save it as pem file

If you would like to convert your binary .cer file to an ascii .pem file run this command

openssl x509 -inform der -in "My_Enterprise_Root_CA.cer" -out "My_Enterprise_Root_CA.pem"

Application

Postman Settings

Turn On/Off based on the certificate

Install the certificate in JDK

When developing microservice that needs connection to GKE endpoints, the local machines need have cert imported to java keystore.

path of jdk installation: /Library/Java/JavaVirtualMachines/jdk-11.0.8.jdk/Contents/Home/lib/security/cacerts.

please execute the command with the path added in it:

sudo keytool -import -file /Users/${UserName}/Documents/My_Enterprise_Root_CA.cer \
-keystore /Users/${UserName}/Library/Java/JavaVirtualMachines/corretto-21.0.3/Contents/Home/lib/security/cacerts

it will ask for 2 passwords then

• 1st password would be your mac/windows login password
• 2nd password would be “changeit”