SCIM API Base Url - PKIX path building failed

Hi,

I am building SCIM API and testing using SCIM 2.0 test app (Basic Auth). Http request is fine, however, I cannot access via https.

Error:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

The SCIM api is public and runnig on iis.
SSL cert is valid with browser.

Please let me know if there is anything I miss or wrong.

Hi @jkwon

Okta requires the traffic on the SCIM server to be under https. Can you please test it out with a free CA certificate, such as Let’s Encrypt?

Hi @dragos

It is Comodo CA.

Hi @jkwon

Thanks for the details. Can you please check the chain of the certificate installed on the web server? An incorrect/incomplete/missing chain would prevent the TLS handshake from occurring.

You can use https://www.sslshopper.com/ssl-checker.html to get more details about the certificate and the chain.

Hi @dragos

I will check the chains on the web server tomorrow. Thank you for your help.

Hi @dragos

You were right. One of our chains was incorrect. The issue has been fixed.
I appreciate your help.