Note: This is a follow-up to another article which describes fixing the "PKIX path building failed" on a Mac. If you are on a Mac, please find that article here.
If you are on a Windows machine and encounter the error: "PKIX path building failed" when using the CLI, please follow these instructions to resolve it:
1. Find the keytool.exe from your Windows Machine. It should be in one of these locations, keep this for step 4:
C:\Users\<user>\AppData\local\domino\jre8\bin\keytool.exe
C:\Program Files\Java\jre8\bin\keytool.exe
C:\Program Files (x86)\Java\jre8\bin\keytool.exe
If the default Domino java does not work for you, please try your default java installation as well!
2. Grab the Domino SSL Certificate from https://<yourdominourl/. Save it on your Desktop or Documents folder and give it a filename, i.e.: "domino-deployname-com-cert.cer".
2a. Using Chrome, browse https://<yourdominourl>
2b. Click the "Secure" button (padlock icon) in the address bar.
2c. Click the "Certificate (Valid)" button.
2d. Go to the "Details" tab
2e. Click the "Copy to file..." button
2f. Click Next
2g. Select "Base-64 encoded X.509 (.CER). Click next and give it a filename to use in step 4.
See: https://www.shellhacks.com/get-ssl-certificate-from-server-site-url-export-download/
3. Change directory to Domino CLI location in CMD/Command Prompt.
cd C:\Users\<userID>\AppData\Local\Programs\domino\jre\lib\security
4. Import the domino certificate using the keytool matching those found above. Type "yes" to trust the certificate.
"C:\Program Files (x86)\Java\jre8\bin\keytool.exe" -import -keystore cacerts -alias domino-deployname-com-cert -file "$FILENAME_FROM_2g.cer"
If asked to, enter keystore password: changeit
5. If there are no errors. Try logging in to Domino.
domino login https://<yourdominourl>
6. Get the Authorization Code:
https://<yourdominourl>/authorizeCli
Comments
0 comments
Please sign in to leave a comment.