Error creating Consumer Web Service Descriptor

Hi Friends

IS Version:

I am trying to create a new Web Service Descriptor from designer. The wsdl is present on another server in the local network and is accessible from the browser.

I select the source type as ‘Consumer’ and provided the https wsdl url in file/url area.
I selected ‘Document type generation > Content Model Compliance’ as None and ‘Enforce WS-I Basic Profile 1.1 compliance’ as No.

When I click finish I get the following error… PKIX path building failed: unable to find valid certification path to requested target

From the internet I read that I need to import and place the certificate in the keystore. I had imported the public key certificate to both key and trust store (just in case…!) of the IS server. I had reloaded the key and trust stores, cleared the ssl cache and even restarted the server.

But I still get the same ‘PKIX path building failed’ error. Anybody any suggestions.

Thank you and regards



I noticed a strange thing, I had been able to create the Web Service Descriptor from Developer. So maybe I need to modify some setting on the designer configuration or something here is buggy.

I changed the Designer > Window > Preferences > General > Network Connections > Active Provider to Direct to avoid proxy. I could not think of anything more.

Frankly developing on Designer is on the first time, I had been a developer user for years now. So assume a newbee here…

Any takers . :slight_smile:

Is this the full description of error you are seeing or any part is missing?

“PKIX path building failed”

Empower KB #: 1743388


Good to see you…

No the full description as shown in the initial email is… PKIX path building failed: unable to find valid certification path to requested target


Please check this Empower KB article very close to your error:

KB #: 1740466


When you try to generate a WSD consumer for an https webservice from Designer using the WSDL URL it fails with below error:
PKIX path building failed: unable to find valid certification path to target Requested


  1. Modify the Designer/Eclipse installation folder, open the config.ini file. i.e. SAG_Home\eclipse\v39\configuration\config.ini (v39 might vary based on the installation) & add the below two lines?\keystore\localhost.jks

  2. Provide the correct trustStore path in the above line according to the file system path with the correct separators.

  3. Restart the Designer and retry the scenario

For running the webservice (Creating an Endpoint Alias for a Consumer Web Service) please refer to “8-2-SP2_Administering_Integration_Server.pdf” page number: 219


RMG Thanks Bro

I will try that and post the results.

Wondering how and why Developer worked without the ca certs installed…!



It’s a different tool and Eclipse very rigid: :smiley:

good luck!

Thanks RMG.

It worked after adding the two ssl configuration entries.


sounds great :slight_smile:

Hi ,

I am facing the same issue. I did the below steps.

Opened the consumer wsdl URL in browser.
Downloaded the root,intermediate and the end user certificate.
Created a truststore and imported the above mentioned certificates.
Gave this path as a keyStore path in the config file .
But,still i face the same error.

Sec method:
I installed the certificates to the CAcerts fiel present in Designer/jvm/ location .But , still facing the same error.

Request your help in the same.

I am able to use this WSDL URL from my local designer client but it fails when I try from the designer installed in the server location.

The JVM set in environment variables is the IS JVM (not the designer JVM).

I tried the same steps in cacerts file inside IS JVM but still the same error.

Please let me know if my steps are incorrect.


Hi Sathya,

please provide your wM Version you are working with.


Hi Holger,

The issue is resolved, it is due to some network level policy change in the organization .