API call from watcher using webhook, certificate error

Elastic Stack Elasticsearch
1

Hi,

We are trying to make API call as part of watcher action, using webhook to 3rd party application.

When we do that we are getting below error:

"type": "s_s_l_handshake_exception",
              "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
            }
          ],
          "type": "s_s_l_handshake_exception",
          "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
          "caused_by": {
            "type": "validator_exception",
            "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
            "caused_by": {
              "type": "sun_cert_path_builder_exception",
              "reason": "unable to find valid certification path to requested target"

We wanted to understand where exactly we configure the certificate to resolve this issue.

We tried to add this in elasticsearch.yml as below:

xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.http.ssl.key: <Key Path>
xpack.http.ssl.certificate: <Certificate Path>
xpack.http.ssl.certificate_authorities: ["<Certificate Path>"]

Thanks
Avy

2

Welcome to our community! :smiley:

I am not 100% sure of this, but I would start by trying to add the certificate to the local machine/user store and validating that it works with something like curl.

3

Thanks for the reply.

We already tried that and its not working.

We installed it on windows server on which elastic is running, we installed it in Java keystore as well.

Still issue is not resolved.

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.