PKIX Path Building Failed

Error Code: 
PKIX path building failed: 
unable to find valid certification path to requested target.

Reason: This error occurs when the Java environment does not trust the certificate of the server running your SonarQube instance.

Solution: Install the server certificate to the Java key.


  1. The next process is to install the certificate in the cacerts file of the jdk installed in the system using the command line.


    keytool -import -alias {alias-name for the certificate} -keystore “{path for the cacerts file}” -file {path where we have save the certificate}


    keytool -import -alias codescan-certificate -keystore "C:\Program Files\Java\jdk-11.0.9\lib\security\cacerts" -file c:/tmp/codescan-certificate.crt

When adding the certificate, password is required. The password is changeit.

Point to Note:

If adding the certificate as a trusted certificate to the Java Keystore still results in the PKIX path building failed error, we suggest you delete the currently installed certificate from the Java Keystore, export a new certificate, and then attempt a new installation of the certificate.

Command to list all of the certificates from the Java Keystore: keytool -list -v -keystore “{path for the cacerts file}” > /tmp/certs_list.txt

Example: keytool -list -v -keystore “c:\Program Files\Java\jdk-11.0.13\lib\security\cacerts” > /tmp/certs_list.txt Command to delete the certificate: keytool -delete -noprompt -alias {alias-name for the certificate} -keystore “{path for the cacerts file}”

Example: keytool -delete -noprompt -alias codescan-certificate -keystore “c:\Program Files\Java\jdk-11.0.13\lib\security\cacerts”

Last updated