Kbase P136334: Getting "error code -54: self-signed certificate" when trying to access a secured Web Service that
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
10/22/2008 |
|
Status: Unverified
SYMPTOM(s):
Getting "error code -54: self-signed certificate" when trying to access a secured Web Service that uses a wildcard certificate
Secure socket Layer (SSL) failure. Error code -54: self-signed certificate: For <certificate hash> in <OpenEdge client certificate path> (9318).
FACT(s) (Environment):
OpenEdge 10.1x
All Supported Operating Systems
CAUSE:
Bug# OE00176655
CAUSE:
The OpenEdge client returns the wrong error message when the following two conditions occur at the same time:
- The Root CA certificate has not been imported to the OpenEdge environment.
- A wildcard certificate is included in the certificate chain.
FIX:
Import the Root CA certificate. Here are the basic steps:
- Go to https://<WSDL URL> in Internet Explorer.
- Open the certificate in Internet Explorer by double-clicking on the padlock icon.
- Go to the "Certificate Path" tab.
- Click on the root certificate (the certificate at the top of the tree), then on "View Certificate".
- Go to the "Details" tab.
- Click on "Copy to File".
- Choose "base64 encoded X.509(.CER).
- Save the file with a .pem extension (or rename it afterwards).
- Go into Proenv and run: mkhashfile <previously_saved_file>.pem .