"PKIX path construction failed for untrusted credential: [subjectName='CN=<domain>O=<org>,C=<country>']: unable to find valid certification path to requested target" error is seen when configuring or updating PingFederate SSL/TLS for ThingWorx

• While configuring SSO with PingFederate, Login fails with SSL Handshake error in ThingWorx Navigate
• When trying to call REST API from ThingWorx Javascript service GetJSON, it fails with PKIX path building failed or PKIX path construction failed for untrusted credential error
• Following ThingWorx license update, application fails with following errors and users are unable to login using SSO:

[L: ERROR] [O: o.s.s.s.t.MetadataCredentialResolver] [I: ] [U: ] [S: ] [P: ] [T: Metadata-reload] PKIX path construction failed for untrusted credential: [subjectName='CN=<domain>O=<organization>,C=<country>']: unable to find valid certification path to requested target

• The following errors are seen within the ThingWorx logs:
  • <ThingworxStorage>\logs\SecurityLog.log

[ Error requesting access token. ][ I/O error on POST request for "https://PINGFEDERATE_HOST_NAME/as/token.oauth2": sun.security.validator.ValidatorException: 
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target ][ sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ]
[ PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ]
[ unable to find valid certification path to requested target ]

• <ThingworxStorage>\logs\ErrorLog.log

[O: E.c.q.l.c.Logger] [I: ] [U: ???] [S: ] [P: ] [T: https-jsse-nio-8443-exec-7] [ Failed to utilize the SSO component for authentication ]
[ Error requesting access token. ][ I/O error on POST request for "https://<Ping Fed Host>:443/as/token.oauth2": sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ]
[ sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target ][ PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target ][ unable to find valid certification path to requested target ]
[L: ERROR] [O: E.c.q.l.c.Logger] [I: ] [U: ???] [S: ] [P: ] [T: https-jsse-nio-8443-exec-7] Could not handle request
[L: ERROR] [O: E.c.q.l.c.Logger] [I: ] [U: ???] [S: ] [P: ] [T: https-jsse-nio-8443-exec-7] Could not handle request
[L: ERROR] [O: E.c.q.l.c.Logger] [I: ] [U: ???] [S: ] [P: ] [T: https-jsse-nio-8443-exec-7] errorMessage: [Unauthorized], statusCode: [401]