Solved

SSL/TLS Certificate Update

  • 13 September 2021
  • 4 replies
  • 948 views
C
Rank
Userlevel 2
Badge +4

We are trying to update our wildcard certificate that expires next week to our IFS 10 Update 10 instances. I have tried multiple formats of the certificate including: .pem, .crt, .pfx, .p12 and more. I also have tried with just the certificate and also the certificate with the whole certificate chain included in the file. Every time I try to reconfigure the middleware server with the new certificate it always comes back with: “Unable to initialize SSL environment, returned 28845” and “Client SSL handshake error, Handshake returned 29005”

icon

Best answer by Charith Epitawatta 13 September 2021, 21:04

View original
This topic has been closed for comments

4 replies

Kasun Balasooriya
Rank
Userlevel 7
Badge +20

Hi,

Assuming this is a test environment, Have you tried configuring the application with a self signed certificate from the installer? 

 

Thanks,

Kasun

Kasun B - https://www.linkedin.com/in/kasunbalasooriya/
C
Rank
Userlevel 2
Badge +4

Yes, the self-signed certificate parts works perfectly, but then fails when we go to try to import our wild card certificate

Charith Epitawatta
Rank
Userlevel 7
Badge +31

Hi @cward21

  • What are the files you received from the CA for your certificate request?
  • Please share the steps you followed to create the certificate with full chain of trust.  
  • Please also try opening the private key file using Notepad++ and see whether it is in UTF-8 encoding. It should be in UTF-8, otherwise it is known to cause issues.

Hope this helps! 

Charith - https://charith.xyz
C
Rank
Userlevel 2
Badge +4

Just a recap for everyone. Charith sent me instructions and I had to do a bunch of conversions/exports using OpenSSL to get the file to the proper format. Also, Windows Server 2016 would not accept our certificate as I believe the hashing algorithm was not supported in Server 2016. We took this as the time to upgrade our middleware server to Server 2019, which then accepted the certificate and I was able to apply the SSL cert to our environment

Terms & ConditionsCookie settings