Kbase P80695: Client handshake fails connecting to an SSL enabled server
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
12/2/2004 |
|
Status: Unverified
FACT(s) (Environment):
OpenEdge 10.0B
SYMPTOM(s):
SLL Client handshake failure (-54) certificate is not yet valid: for xxxxxxxx.0 occurred. (12168)
CAUSE:
The date of the certificate is not valid. The certificate issued by the Certificate Authority ( CA ) may be postdated. If so you will see the error message indicating that the certificate is not yet valid.
Every certificate issued by a CA will be considered valid for a specified amount of time. The start time could be some preset amount of time in the future from when you actually received the certificate.
FIX:
If the certificate timestamp is not valid you will need to wait until the certificate becomes valid or contact your Certificate Authority to request a new certificate with a current timestamp.
Progress provides a tool to view the timestamp of a certificate issued by a CA.
UNIX:
pkiutil -list <alias name>
Windows:
pkiutil.bat -list <alias name>
This will list the key store entries. If "alias name" is left blank, all the certificate store entries will be listed.
You can also add the "-brief" option to get less information about the certificate, -verbose to get the full certificate information.