Three ways to set a truststore for SSL/TLS connection in a Job


You want to invoke an HTTPS URL in your Job, for example you want to use tMDMConnection to access this MDM URL:

https://localhost:8543/talendmdm/services/soap. But it throws the following error while running the Job:


Caused by: SSLHandshakeException invoking https://localhost:8543/talendmdm/services/soap: PKIX path building failed: unable to find valid certification path to requested target
     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
     at sun.reflect.NativeConstructorAccessorImpl.newInstance(
     at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(
     at java.lang.reflect.Constructor.newInstance(
     at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(
     at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(
     at org.apache.cxf.transport.AbstractConduit.close(
     at org.apache.cxf.transport.http.HTTPConduit.close(
     at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(
     ... 10 more

Caused by: PKIX path building failed: unable to find valid certification path to requested target



To invoke the HTTPS URL on the client side, you must provide the certification file of the HTTPS URL. It will throw the previous error if it can't find the certification file.


There are three ways to provide the certification file in the Job:

  1. Use the tSetKeystore component.



  2. Use the tPrejob+ tJava component with the following code:

    System.setProperty("", "C:/Users/username/myKeystore.keystore");
    System.setProperty("", "xxx");



  3. Set up the following two jvm parameters for the job's RUN jvm:'C:/Users/username/myKeystore.keystore'


Version history
Revision #:
3 of 3
Last update:
‎10-03-2017 12:50 PM
Updated by:
Labels (2)