on 04-10-2012 12:35 PM
The certificate installed on our PI quality system shows the desgnated host name of PI production system . that means whenever iam opening the java home page of Pi Quality , the error thrown as the ceertificate belongs to wrong host, can i chagne the host name soemwhere in that certifcate.................please revert at eraliest..this is urgent.............
Tahnks,
Somya
> can i chagne the host name soemwhere in that certifcate..
You cannot edit the certificate. You need to apply a new one with the required host name. Changing the server host name according to the certificate host name will impact other issues.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The exact error thrown is that when we open the Quality server NWA Link:
https://QID.<Domain>.com/nwa , in the right most side, it says Certificate Error : the detaile derror will be :
The issuer and issued to is actually PID.<Domain>.com which is our production server , although it should be QID.<Domain>.com which is our test server so that needs to be changed.
Screenshot for error is attached hereby.
Thanks,
Somya
Hi,
Please check the folllowing points:-
1. The correct server certificate is present in the TrustedCA
keystore view of NWA .
2. The server certificate chain contains expired certificate.
3. The server certificate chain is not ordered in right way. Basically
the server certificate chain should be in order Own->Intermedite->
Root. If issuer certificate A is B and for B it is C(root), then the
chain should be A->B->C and not as B->C->A or other combinations.
If this does not help, then I would recommend coming up with a new certificate with the URL maintained correctly and approved by the signing authority.
Thanks,
Atul
Hi Atul,
Thanks for your reply. I did not understand how to check for the correct order as u said
Own->Intermedite->Root,how to understand this:
Actually we need to import a self signed certificate, the certificate in Quality is self signed and there is no signing authority for the same. Are u aware , how to create an dimport a self signed certificate.
Thanks,
Somya
Hi Sowmya,
Please see the links:-
http://help.sap.com/saphelp_nwpi711/helpdata/en/a7/1cd08ffe25e34799cbbe1a7ecdb8ed/frameset.htm
Hope this helps. If not, let me know what further problems are being faced.
Thanks,
Atul.
Hi Somya,
Please set the fqdn as follows:-
Go to NWA->Configuration management->security->services and keys->trusted CA's->create a new certificate with the correct fqdn
If this does not help, please provide the exact error text seen
Regards,
Atul
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey....once we have filled all the details , it wont provide us with the certificate rite.....
we need to raise a CSR request .which needs to get approved by signing authority , after that we can import that into system.
Please lemme know the deatiled resolution with steps if possible that how it will work so that i get clarity.
Thanks,
Somya
Hi,
I believe creating a new certificate by the steps i gave previously would help here.Yes, that would require the signing authority's approval. Would this not be acceptable?
I am not quite sure what the issue is here then. If the previous solution is not acceptable then providing the exact error text you are seeing would be very helpful.Meanwhile it would be helpful to go through SAP note 821267[Q. 24].
Thanks,
Atul
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.