I receive this error when calling a web service from a Java Snap-In. It looks different from what I receive when a cert is not loaded.

com.ibm.jsse2.util.h: PKIX path validation failed: java.security.cert.CertPathValidatorException: The revocation status of the certificate with subject (CN=*.meraki.com, OU=EssentialSSL Wildcard, OU=Domain Control Validated) could not be determined.

Update: I can call this REST service from Postman on my PC. I looked in certmgr and do not see any Meraki certificates.

Can anyone help me understand what I need to do on my Breeze server to get past this? Thanks.

Hi Andrew, this looks like an error with CRL checking. You say you can access the service from Postman. Try executing this line from the CLI: "echo | openssl s_client -showcerts -servername <URL you are trying to access> -connect gnupg.org:443 2>/dev/null | openssl x509 -inform pem -noout -text" I you should be able to determine the URL of the revocation server from the displayed information. I wonder if that URL is inaccessible from the Breeze server. It might be interesting to try a wget from the Breeze CLI on that URL to see what happens.

Thanks, Joel. It turns out that the error really was a missing cert. It wasn't obvious, but after digging around quite a bit I found the cert, loaded it, and everything worked.

I am not sure why the error was so different from what I've experienced before when I was missing a cert, but I am thankful that I was able to find it. The demo will now go as planned tomorrow morning.

That's great to hear, Andrew. Thanks for the update and I hope the demo goes well tomorrow!