Unable to download packages via HTTPS #2621

Closed
pintify opened this issue Jan 9, 2020 · 4 comments


pintify commented Jan 9, 2020

Describe the bug
I'm unable to install packages with HTTPS.

To Reproduce

  1. Launch Kura from Docker
  2. Try to download anything with HTTPS
  3. The following exception is thrown:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
	at org.eclipse.kura.deployment.agent.impl.DeploymentAgent.getFileFromRemote(DeploymentAgent.java:498)
	at org.eclipse.kura.deployment.agent.impl.DeploymentAgent.installDeploymentPackageInternal(DeploymentAgent.java:450)
	at org.eclipse.kura.deployment.agent.impl.DeploymentAgent.execInstall(DeploymentAgent.java:323)
	at org.eclipse.kura.deployment.agent.impl.DeploymentAgent.installer(DeploymentAgent.java:307)
	at org.eclipse.kura.deployment.agent.impl.DeploymentAgent.lambda$0(DeploymentAgent.java:172)
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
	at sun.security.validator.Validator.validate(Validator.java:262)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
	... 22 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
	... 28 more

Expected behavior
Normal download and installation of the package.

Screenshots
The following error appears on the web:

(image)

Target Environment:
Official docker image

Contributor

MMaiero commented Jan 9, 2020

The certificate needs to be added to the Kura keystore.

Author

pintify commented Jan 9, 2020

I've downloaded the certificate using:

openssl s_client -connect HOST:PORT -showcerts

And installed the output in Settings -> Server SSL Certificate with a random name. However, the error remains. How should I do it instead?

The certificate appears well created in the keystore when I consult it with

$  keytool -list -keystore cacerts.ks -storepass password

Keystore type: jks
Keystore provider: SUN

Your keystore contains 7 entries

ca-4835703278459909592593969, Jan 9, 2020, trustedCertEntry, 
Certificate fingerprint (SHA1): 4C:27:43:17:17:56:5A:3A:07:F3:E6:D0:03:2C:42:58:94:9C:F9:EC
ssl-test3, Jan 9, 2020, trustedCertEntry, 
Certificate fingerprint (SHA1): 3E:6F:09:D3:24:DF:85:6D:B7:60:51:29:7F:97:9C:25:06:8E:89:26
ssl-eclipse, Oct 8, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): 50:C7:C4:EC:30:A8:24:95:DC:0D:66:96:EF:91:8C:B1:92:AA:5F:81
ca-4835703278459707669005204, Jan 9, 2020, trustedCertEntry, 
Certificate fingerprint (SHA1): B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C
ssl-test1, Jan 9, 2020, trustedCertEntry, 
Certificate fingerprint (SHA1): 4C:75:85:99:9E:90:2C:C1:49:81:60:44:29:F8:51:1A:4A:89:62:29
ssl-test2, Jan 9, 2020, trustedCertEntry, 
Certificate fingerprint (SHA1): 3E:6F:09:D3:24:DF:85:6D:B7:60:51:29:7F:97:9C:25:06:8E:89:26
ca-13298795840390663119752826058995181320, Jan 9, 2020, trustedCertEntry, 
Certificate fingerprint (SHA1): E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB

Contributor

MMaiero commented Jan 9, 2020

Did you try to restart the framework?

Author

pintify commented Jan 10, 2020

Actually it didn't cross my mind. Now it works perfectly. Thank you very much!

However now I've a different problem: the server also requires basic authentication and it is not working. I'll reopen #2560

pintify closed this as completed Jan 10, 2020
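
The "unable to find valid certification path" failure in the stack trace means that no trust anchor in the store chains to the certificate the server presented. The script below is an added example, not part of this thread or of Kura: it reproduces that check offline with `openssl verify` standing in for Java's PKIX validator, on a constructed throwaway CA, and prints the SHA-256 fingerprint to confirm out of band before importing a certificate captured with `s_client`. The function names and all subject names are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example; every subject name and file below is constructed.

# make_pki DIR CA_CN: throwaway CA (ca.pem) plus a server certificate
# (server.pem) issued by it, standing in for the download server's chain.
make_pki() {
    cat > "$1/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
    openssl req -x509 -config "$1/ca.cnf" -subj "/CN=$2" -newkey rsa:2048 \
        -nodes -days 2 -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null &&
    openssl req -new -config "$1/ca.cnf" -subj "/CN=packages.example.test" \
        -newkey rsa:2048 -nodes -keyout "$1/srv.key" -out "$1/srv.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/srv.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 2 -out "$1/server.pem" 2>/dev/null
}

# chains_to TRUSTFILE CERT: succeed only if CERT chains to an anchor in TRUSTFILE.
chains_to() {
    openssl verify -CAfile "$1" -no-CApath "$2" >/dev/null 2>&1
}

# fingerprint CERT: SHA-256 fingerprint to compare with one obtained out of band.
fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

demo() {
    work="$(mktemp -d)" || return 1
    mkdir "$work/srv" "$work/other"
    { make_pki "$work/srv" "Constructed CA A" &&
      make_pki "$work/other" "Constructed CA B"; } || return 1
    # Trust store lacking the issuer: OpenSSL's counterpart of the PKIX failure.
    chains_to "$work/other/ca.pem" "$work/srv/server.pem" ||
        echo "issuer not in trust store: validation fails"
    chains_to "$work/srv/ca.pem" "$work/srv/server.pem" &&
        echo "issuer in trust store: validation succeeds"
    echo "CA fingerprint to confirm before import: $(fingerprint "$work/srv/ca.pem")"
    rm -rf "$work"
}
demo
```
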