Web Services Connector - custom CA

I have an internal REST API I want to access from the Web Services Connector, but the hostname is on the .local domain (org internal). How do I add our CA certificate to the local trust store used by the HTTPS client so that the TLS connection is allowed?

Error Received:
Exception occurred in Test Connection.Url: https://[blah].local:8089, Message: 0 : javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, HTTP Error Code: 0

I believe this is because the target HTTPS server presents a certificate signed by the [blah].local (our org) internal CA, but it looks like the connector does not trust this. The normal solution would be to add the CA cert to the local trusted certs, but there is no documentation on how to do this here.

Hey @_py11,

Thanks for posting!

I think in this instance you would be looking to add the certificate to the Virtual Appliance, if so you can find that guide below:
https://community.sailpoint.com/t5/IdentityNow-Connectors/TLS-Configuration-on-Virtual-Appliances/ta-p/74434

As long as the host is accessible via the network to the virtual appliance, I believe it would operate just like any other certificate.

I hope that helps.

Thanks - this works!

I guess the doc linked should add that the Web Services Connector is a supported connector for TLS.

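A check one could run before adding a CA certificate to a trust store, to confirm it is the CA that issued the server certificate and that trusting it resolves the failure. This is an added example, not part of the thread or of SailPoint's documentation; the CA and host names are constructed, and it does not perform the appliance-side import covered by the linked guide.

```shell
#!/bin/sh
# Added example. All names (Example Internal CA, api.example.local) are constructed.
# To capture the chain from a real server instead, one could use:
#   openssl s_client -connect <host>:<port> -showcerts </dev/null

# make_pki DIR: create a throwaway CA and a server certificate signed by it.
make_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example Internal CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" >/dev/null 2>&1 || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=api.example.local" \
        -keyout "$1/server.key" -out "$1/server.csr" >/dev/null 2>&1 || return 1
    openssl x509 -req -in "$1/server.csr" -days 1 \
        -CA "$1/ca.pem" -CAkey "$1/ca.key" -CAcreateserial \
        -out "$1/server.pem" >/dev/null 2>&1
}

# chain_trusted CERT [CA_FILE]: exit 0 if CERT verifies. Without CA_FILE only
# the default trust store is used, which does not contain the internal CA.
chain_trusted() {
    if [ -n "${2:-}" ]; then
        openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
    else
        openssl verify "$1" >/dev/null 2>&1
    fi
}

# issued_by CERT CA_FILE: exit 0 if CERT's issuer name matches CA_FILE's subject name.
issued_by() {
    [ "$(openssl x509 -in "$1" -noout -issuer_hash)" = \
      "$(openssl x509 -in "$2" -noout -subject_hash)" ]
}

demo() {
    dir=$(mktemp -d) || return 1
    make_pki "$dir" || { rm -rf "$dir"; return 1; }
    chain_trusted "$dir/server.pem" && echo "default store: trusted" \
        || echo "default store: NOT trusted (a Java client reports this as a PKIX path building failure)"
    issued_by "$dir/server.pem" "$dir/ca.pem" && echo "ca.pem is the issuer of server.pem"
    chain_trusted "$dir/server.pem" "$dir/ca.pem" && echo "with ca.pem: trusted"
    rm -rf "$dir"
}
demo
```

If `issued_by` fails for the file you intend to upload, the server is signed by a different (for example intermediate) CA and that certificate is the one the trust store needs.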