12 Feb 2020 10:05 PM
Hello, we are a Dynatrace managed customer and we are trying to better understand how the DT works in the integration space ex. Webhooks
We have our self-signed certs - enterprise level (sorry if I am not using the right terminology) loaded on the DT cluster, but when we try to establish communication with Webhooks system. We see an error in the server.0.0.log
"exception=SSLHandshakeException: sun.security.validator.ValidatorExpception:PKIX path building failed:.. sun.security.provider.certpath.SunCertPathBuilderException : unable to find valid certification path to requested target ..."
Webhook system has the proper enterprise level cert loaded and we believe it is on the DT side that the trust is not working to verify the cert presented by the Webhook system.
If you have run into similar issue what was your resolution and can you please share with us? We got some suggestions but our admin is not happy is messing with JRE\cacerts as these will be overwritten with new updates.
Thank you in advance!
Solved! Go to Solution.
12 Feb 2020 11:22 PM - last edited on 10 Dec 2024 10:45 AM by MaciejNeumann
Only idea I have is because root cert on managed cluster
For ActiveGate that is executing plugins that are asking https web services we had to provide root cert. without that it does not work properly. But there we had opposite situation, dynatrace cluster has default letr’s encrypt cert and called service had cert generated by organisation.
Sebastian
13 Feb 2020 04:12 PM
Thank you Sebastian! We have already uploaded our internal certs and the UI works like expected, but the SSL fails when we initiate a Webhooks session and our understanding was Dynatrace maintains another keystore/truststore. We were given 5 different locations and one of them is JRE and our admin has concerns about this directory.
28 Feb 2020 01:13 AM
The support has provided us a solution by uploading our chain certs to the store under server/conf - we were able to validate and confirm it is working as expected .