Using self signed certificates to connect to pxGrid on ISE 2.0. Using the generated certs, able to connect and subscribe to the SessionDirectory capability to receive the notifications successfully. We also need to do a bulk download of the sessions for handling cases of any disconnection or for the first time before we start listening to new Sessions.

For the bulk download am seeing the following exception.

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)

Able to do a bulk download from a single node ISE 2.0 with all the personas in the same node. The bulk session download is failing only in the ISE set up where we have pxGrid and Monitoring personas are running on different nodes. If you have the steps to generate the truststore and keystore jks files that the pxGrid client can use in a distributed ISE node deployment where mnt and pxGrid are running on different nodes please share.

Thanks