Stardog server setup certification error: PKIX path building failed


I am preparing a server for encryption in transit (https) following the instructions here. When I check the status of the server through the 5821 port, I receive the error message PKIX path building failed: unable to find valid certification path to requested target , see below.

There is one modification to those instructions linked above, when creating the certificate I use this command:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out myCert.crt -days 365 -nodes -subj "/C=YourCountry/ST=YourState/L=YourCity/O=YourOrganization/OU=YourOrganizationalUnit/CN=$hostname" -extensions SAN -config <(echo "[SAN]\,IP:").

Here is the systemd file

And lastly, does the server access the certificate? I am pretty sure that is the case.

Any insight or direction is greatly appreciated.

Here is a ping to keep this post alive.

Hi Jamie,

sudo spins up a new subshell, so it doesn't include the environment variables you set. In this case, those missing environment variables are STARDOG_SERVER_JAVA_ARGS and STARDOG_JAVA_ARGS to hold the information about your keystore and truststore, repsectively.

You can either remove sudo from your server status command or add the -E flag to include the environment variables. Let me know if either of those work.