Execution failed due to configuration error: PKIX path building failed

Question

Hello, I tried the following tutorial https://docs.aws.amazon.com/en_us/apigateway/latest/developerguide/api-gateway-create-api-as-simple-proxy-for-http.html. But when I use my own URL for testing purposes I got the following error:
Thu Mar 09 16:16:27 UTC 2023 : Execution failed due to configuration error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Thu Mar 09 16:16:27 UTC 2023 : Method completed with status: 500

If I look at the certificate, it is not a selfsigned cert, and it is not expired. How can I install that certificate in my AWS API Gateway environment.  
It is worth mentioning that the destination port is not the standard (443).

Answer

This error message is thrown when the when API Gateway does cannot find the root CA for the integration backend url.
You can test with setting insecureSkipVerification to true on the integration's tlsConfig however the API Gateway still performs basic certificate validation, which includes checking the following:
*     The certificate's expiration date
*     The hostname
*     Presence of a root certificate authority

The best way to troubleshoot this issue is to check what certificate is being provided by your integration. If you cannot find this information, suggestion is to run a pcap from integration to capture the Server Hello packets to API Gateway.

Answer

Please submit a ticket to the [AWS Training & Certification customer support team](https://aws.amazon.com/contact-us/aws-training/), and they will provide assistance. If you already submitted a case, please allow at least 48 hrs to get a response.

Execution failed due to configuration error: PKIX path building failed

相关内容