PASOE -PKIX error

balta

Member
Hi,

I am changing the certificate in PASOE and i am getting this error (Using SOAP)

1727968787630.png
The certificate appears to be OK

1727968881740.png

1727968970662.png

I am already do this commands without success.

Code:
procertm -i GlobalSign.crt C:/OE12/certs/psccerts.jar

Please help.

Windows Server 2022
OpenEdge 12.2.12
 
Hi,

Not sure if this helps but you may give a try. I assume your pfx file (tomcat_2024*.pfx) is signed by root CA.
  • Run below command from java bin directory
keytool.exe -v -list -keystore (Path where you have .pfx file - seems you kept it in conf directory of pasoe instance)
  • Note down the unique alias name
  • Use alias name in Catalina.Property file for variable psc.as.https.keyalias.
  • Use variable psc.as.https.keyalias in server.xml under <certificate>. I observe, it was missing in your screen shot. It will look like below
CertificateKeyAlias=“${psc.as.https.keyalias}”
  • I normally convert pfx file into pem format to be able to import them in progress cert store. To do this I run below command
sslc pkcs12 -in (path_of_pfx_cert) -out (path\certname.pem) -nodes
  • Once your pem file is ready, you can import it in OE cert path. Command to run
certutil -import certname.pem
Restart pasoe instance.
 
Hi,

Not sure if this helps but you may give a try. I assume your pfx file (tomcat_2024*.pfx) is signed by root CA.
  • Run below command from java bin directory
keytool.exe -v -list -keystore (Path where you have .pfx file - seems you kept it in conf directory of pasoe instance)
  • Note down the unique alias name
  • Use alias name in Catalina.Property file for variable psc.as.https.keyalias.
  • Use variable psc.as.https.keyalias in server.xml under <certificate>. I observe, it was missing in your screen shot. It will look like below
CertificateKeyAlias=“${psc.as.https.keyalias}”
  • I normally convert pfx file into pem format to be able to import them in progress cert store. To do this I run below command
sslc pkcs12 -in (path_of_pfx_cert) -out (path\certname.pem) -nodes
  • Once your pem file is ready, you can import it in OE cert path. Command to run
certutil -import certname.pem
Restart pasoe instance.
Thanks, I will try that
 
Back
Top