It is possible that IGEL and the Receiver in OS11 doesnt works with ctx envirement what is using certificates with 1024bit RSA Public Keys?
I get by new customer the hole time certificates error. I checked that certs will be on client…. i try root.cer and storefront.cer. At other customer i never has problems with that, but i ́m not a certificates technical ^^
Not from what I recall, 1024 (even if not recommended) is still supported. I‘m not convinced that it‘s a certificate issue. What happens when entering the URL in Firefox?
If you are still searching on the certificate part, this commands might help:
To verify root certificate against site
openssl s_client -connect storefront.test.ca:443 storefront.test.ca:443 -CApath /etc/ssl/certs
Test all certs together for chain.
openssl verify -verbose -purpose sslserver -CAfile RootCert.pem -untrusted Intermediate.pem UserCert.pem
Test all certs together for chain if no intermediate Ca is present:
openssl verify -verbose -purpose sslserver -CAfile RootCert.pem -untrusted UserCert.pem
If i use (not secured) Browser with html5 i get after login this….html5 itself is not the prob….. works fine from other windows based clients with FF.
Ok, thanks. Let‘s see if the openssl commands help to get the right infos.
@member this might be a stupid question, but is the certificate deployed as a Common Certificate?
Yes all certs are commons,…. i try it as only file too with manuel folder…. doest work…. but one college means that the cerificate from stirefront ist too old…. some local windows browser doents work 100% too with the store.
@member are you able to open the certificates in a standard text editor (notepad/vim/gedit) and see a “BEGIN CERT” and “END CERT” section?
@member Yes the Certs have Begin and Ends…. A Certificate Specialist means that one of the Hop Certificates is too old or run out. So he will check this next week.
I would say that the error is not a certificate error, rather a config error. @member can you share a Pic of your storefront config for the IGEL. Pm if you want to keep your privacy intact
It was a certificate Issue AND a fail Information from customer with his domain 😕 ^^But the certificate was the main prob… to old…. chrome doesnt want that old thing too….
Continue reading and comment on the thread ‘It is possible that IGEL and the Receiver in IGEL OS 11 doesnt works with ctx envirement what is using certificates with 1024bit RSA Public Keys?’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!