If you're planning to switch Xray or Artifactory from the default HTTP protocol to the HTTPS protocol, be aware that this may cause a problem with your Xray <> Artifactory connection. To troubleshoot this issue, ensure that SSL has been set up in Xray correctly. HTTPS is enabled in Xray by placing your SSL certificates in $XRAY_HOME/data/ssl/serverCerts and ticking the Use SSL checkbox:
Xray must use a single SSL key/certificate pair. If the SSL certificates are for a specific common name (e.g., xray.com), make sure that the Xray Base URL matches this parameter. And be certain to update this setting to ensure the URL is using HTTPS:
If necessary, you can modify the Artifactory host's /etc/hosts file so the URL matches the Xray IP address.
If you are using an internal or self-signed SSL certificate, you’ll need to add the public certificate to Artifactory's JVM trust store. Otherwise, you’ll see a PKIX Path Building Failed error message in Artifactory's logs:
2019-08-22 22:57:45,931 [pool-17-thread-1] [WARN ] (o.j.x.c.h.XrayHeartbeatImpl:176) - Cannot retrieve xray server status due to: Xray server is unreachable : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetA solution to this problem can be found HERE.
If you‘re using a self-signed SSL certificate for Artifactory, you’ll need to import it into your Xray host’s operating system keystore. Alternatively, you can tick the SSL insecure checkbox in the Xray UI (Admin -> Advanced -> General).