I get the following error when trying to access my self-hosted GIT server as a VCS in TeamCity. The GIT server is only accessible via HTTPS and uses a certificate issued by the new Lets Encrypt CA:
List remote refs failed: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
It's apparent that the JRE doesn't have the root LE cert installed, which is why it is seeing it as untrusted. Yet after adding it, it's still untrusted.
I tried adding the root certificate from Lets Encrypt, using the following command:
keytool -importcert -trustcacerts -file <path to root certificate> -keystore cacerts -storepass <password>
I have verified that the certificate is in the keystore.
Am I missing something?