Skip to main content
Solved

SSL/TLS Certificate Update

  • September 13, 2021
  • 4 replies
  • 1250 views
C
Do Gooder (Customer)
Forum|alt.badge.img+4

We are trying to update our wildcard certificate that expires next week to our IFS 10 Update 10 instances. I have tried multiple formats of the certificate including: .pem, .crt, .pfx, .p12 and more. I also have tried with just the certificate and also the certificate with the whole certificate chain included in the file. Every time I try to reconfigure the middleware server with the new certificate it always comes back with: “Unable to initialize SSL environment, returned 28845” and “Client SSL handshake error, Handshake returned 29005”

Best answer by Charith Epitawatta

Hi @cward21

  • What are the files you received from the CA for your certificate request?
  • Please share the steps you followed to create the certificate with full chain of trust.  
  • Please also try opening the private key file using Notepad++ and see whether it is in UTF-8 encoding. It should be in UTF-8, otherwise it is known to cause issues.

Hope this helps! 

View original
Did this topic help you find an answer to your question?
This topic has been closed for comments

Kasun Balasooriya
Superhero (Employee)
Forum|alt.badge.img+20

Hi,

Assuming this is a test environment, Have you tried configuring the application with a self signed certificate from the installer? 

 

Thanks,

Kasun

Kasun B - https://www.linkedin.com/in/kasunbalasooriya/
Charith Epitawatta
Ragaventhan Sathananda
2 people like this
  • Charith Epitawatta
    Charith Epitawatta
  • Ragaventhan Sathananda
    Ragaventhan Sathananda
C
Do Gooder (Customer)
Forum|alt.badge.img+4
  • cward21
  • Do Gooder (Customer)
  • September 13, 2021

Yes, the self-signed certificate parts works perfectly, but then fails when we go to try to import our wild card certificate

Charith Epitawatta
Ultimate Hero (Employee)
Forum|alt.badge.img+31

Hi @cward21

  • What are the files you received from the CA for your certificate request?
  • Please share the steps you followed to create the certificate with full chain of trust.  
  • Please also try opening the private key file using Notepad++ and see whether it is in UTF-8 encoding. It should be in UTF-8, otherwise it is known to cause issues.

Hope this helps! 

Charith - https://charith.xyz
Charith Epasinghe
Ragaventhan Sathananda
C
5 people like this
  • Charith Epasinghe
    Charith Epasinghe
  • Ragaventhan Sathananda
    Ragaventhan Sathananda
  • C
    chajash
  • Jeewaka Padmapriya
    Jeewaka Padmapriya
  • C
    cward21
C
Do Gooder (Customer)
Forum|alt.badge.img+4
  • cward21
  • Do Gooder (Customer)
  • September 20, 2021

Just a recap for everyone. Charith sent me instructions and I had to do a bunch of conversions/exports using OpenSSL to get the file to the proper format. Also, Windows Server 2016 would not accept our certificate as I believe the hashing algorithm was not supported in Server 2016. We took this as the time to upgrade our middleware server to Server 2019, which then accepted the certificate and I was able to apply the SSL cert to our environment

Kasun Balasooriya
Charith Epitawatta
CUCSOLUTIONS
3 people like this
  • Kasun Balasooriya
    Kasun Balasooriya
  • Charith Epitawatta
    Charith Epitawatta
  • CUCSOLUTIONS
    CUCSOLUTIONS
Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings