Getting Data In

Splunk HEC post call not working and getting exception: "PKIX path building failed"

trinatha
New Member

I am getting below exception for send event through a java rest post call

Exception :

      org.springframework.web.client.ResourceAccessException: I/O error on POST request for “https://input-prd-p- 
     f4txzc7qgv77.cloud.splunk.com:8088/services/collector“: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Curl command :

curl -X POST \
   https://input-prd-p-f4txzc7qgv77.cloud.splunk.com:8088/services/collector \
   -H 'Authorization:Splunk 07944f24-c69e-42fc-af3c-14035cddb034' \
   -d '{"event": "Hello, world!", "sourcetype": "main"}'```

But its working from curl command and not working from java code.

0 Karma

asmxyz
Observer

Also running into this.  How do I go about debugging this.

0 Karma

ilya_resh
Engager

Consider that curl and Java are using different trusted certs store. And it seems like Java's one is not trusting Splunk Cloud certs.
One more option could be that java call goes via proxy and the proxy's cert is not trusted

0 Karma

meamitjain
New Member

Did you find the solution? I am hitting the same issue.

0 Karma
Get Updates on the Splunk Community!

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Optimizing SOC workflows with a unified, risk-based approach to Threat Detection, Investigation, and Response ...

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...