Category: Configuration

How do I export the custom CA certificate?


When using HTTPS with a custom CA certificate, users need to add this certificate in Appsmith as trusted by adding it to the ca-certs folder. If you don't have the certificate, then this article explains how you can export it from Chrome. 

Typically, if the CA certificate is not added as trusted, the following error is returned in the server logs:

org.springframework.web.reactive.function.client.WebClientRequestException: PKIX path validation failed: validity check failed
	at org.springframework.web.reactive.function.client.ExchangeFunctions$DefaultExchangeFunction.lambda$wrapException$9(


To export the certificate, please follow the below steps:

  1. Navigate to   
  2. Click on the lock symbol, then on Connection is secure. 
connection is secure
  1. Click on Certificate is valid
certificate is valid
  1. You can see the type of certificate you are using in the General tab. 
certificate type
  1. In the Details tab, click the Export button to download the certificate.
Select the root CA and export
  1. If the exported certificate does not have a .crt extension, please rename it accordingly.
  2. Save the exported certificate to the ca-certs folder by following this guide on installing custom CA root certificates