Do we need to add the server certs to the keystores that the agents are using.

I see a few places that have cacerts.

One in controller

/apps/dictrl1/diyotta/controller/server/jre/lib/security/cacerts

does each agent folder has a cacert as well??

/apps/diagnt1/diyotta/agent/cacerts

Do the agents use the cert in it’s own DI_HOME=/apps/diagnt1/diyotta/agent?

Do I need to set up something in the config to use a specific one ?

++++

EFA00003: Connection Establishment Error!javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:244)
org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:254)
org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:671)
org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:668)
org.glassfish.jersey.internal.Errors.process(Errors.java:315)
org.glassfish.jersey.internal.Errors.process(Errors.java:297)
org.glassfish.jersey.internal.Errors.process(Errors.java:228)
org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:444)
org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:668)
org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:402)
org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:302)
com.diyotta.fla.sm.service.impl.TestConnection.testConnection(TestConnection.java:1049)
com.diyotta.fla.sm.service.impl.TestConnection.run(TestConnection.java:172)
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
java.util.concurrent.FutureTask.run(FutureTask.java:266)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
java.lang.Thread.run(Thread.java:748)

++++