New On-Premise TAS Server for APPS9, does it require it own private key?
I have an existing on premise TAS for APPS 9 as a Windows 2012 server.
I have installed a new on-premise TAS for APPS server under windows 2019.
I created a new sql db for APPS9 for the new TAS so I could preserve the existing TAS.
I exported out the private cert from the existing TAS (2012 server) to the new 2019 TAS server.
The new TAS server install on 2019 server was successful, however when I go to the new TAS server URL as part of logging in on mobile, I do not establish a connection.
I can go to the new URL from my laptop, but not the mobile application.
Does the new TAS server require a new Private key or can I use the existing private key from the old server.
I appreciate any feedback and assistance.
Thank you
Marjie
Page 1 / 1
@CUCSOLUTIONS if you can reach the TAS from your laptop but not your phone, that indicates one of two things:
the TAS only has an internal URL, and you need a reverse proxy or similar to expose it to the internet (assuming your laptop is part of the intranet either physically or via VPN)
OR the TAS is publicly accessibly but its SSL certificate is accepted by your laptop but not by your phone (for example, Android is picky about certificate chains being valid).
When you mentioned “private key” did you mean the SSL certificate? as long as the certificate is valid, you can of course re-use the same on your new server.
Please check the above and let us know how it goes!
Cheers,
Rukmal
Check accessing the url from the mobile browser.
Has the url changed for the new host?
Is it a wildcard SSL certificate ?
Thank you both for your responses. So let me answer both.
the TAS only has an internal URL, and you need a reverse proxy or similar to expose it to the internet (assuming your laptop is part of the intranet either physically or via VPN)
we only use vpn and the TAS is internal only
OR the TAS is publicly accessibly but its SSL certificate is accepted by your laptop but not by your phone (for example, Android is picky about certificate chains being valid).
The SSL is a wildcard SSL and was applied to the TAS Site. We use Windows for the IFS mobile app
When you mentioned “private key” did you mean the SSL certificate? as long as the certificate is valid, you can of course re-use the same on your new server. …. No from TAs install …
Move of an existing IFS Touch Apps Server Installation
Certificate and private key
When IFS Touch Apps Server is installed, a certificate (public key) and private key pair are generated to support asymmetric encryption.
The existing certificate and private key must be exported from the existing installation. The exported certificate information can then be imported on the new server.
Access to the private key must match the access given on the existing installation. Network Service, the local Users group and the Common User in a Web Farm installation must have read access to the private key.
- There is a private key found on our old TAS server. I took that cert, exported from the old server and imported to the new server. Set the same permissions.
Since I have both TAS (old & new) running, can I use the same private key from the old server to the new or do I need to generate a new private key for the exchange of the security token between TAS server and the IFS Mobile app?
Check accessing the url from the mobile browser. - This works fine, no issues
Has the url changed for the new host? Yes it has and is accessible through the URL, but not the mobile app
Is it a wildcard SSL certificate ? Yes it is.
When I login to the new URL from mobile. I get this error.
