Kbase P61728: Vsign Certificates shipped with 9.1C and 9.1D Expired Jan 8
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
07/05/2005 |
|
Status: Unverified
FACT(s) (Environment):
Progress 9.1C
FACT(s) (Environment):
Progress 9.1D
SYMPTOM(s):
Webclient fails to connect to application through SSL.
Secure Socket Layer (SSL) failure. error code -55: CONNECT HostName: (<hostName>) does not match Certificate: (<commonName>) (9318)
Secure Socket Layer (SSL) failure. error code -54 Certificate has expired (9318)
Application Certificate logfile shows:
Certificate has expired depth=2, X509 Name =/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
notBefore=Jan 29 00:00:00 1996 GMT
notAfter=Jan 7 23:59:59 2004 GMT
CAUSE:
Certificates shipped with Progress 9.1C and 9.1D Clients expired on Jan 8, 2004.
The certificates are vsign2.pem and vsign3.pem, located in the %DLC%\certs directory.
FIX:
Obtain the new certificate directory from the Progress FTP site that contains the correct *.pem and .0 files.
1. Point a Web browser to ftp://ftp.progress.com
2. Browse to the pub/ssl/certs directory.
3. Replace the files within the certs directory on the ftp site with the certificate files in the certs directory on the Progress Client.