I am having a problem adding a trading partner’s public cert in TN console. The error message is:
Can not verify certificate chain (0) com.wm.util.LocalizedCertificateException: [ISC.0009.9002] Error in certificate chain.
According to the trading partner, this certificate has been used in other EDIINT implementations.
Is there a way to turn off certificate verification when adding new certificates in TN?
We are on on IS 6.0.1 SP2.
Dave,
Is that certificate worked when you load it in IE browser.Please verify that it is valid CA.
HTH,
RMG.
I loaded the certificate through windows XP and IS 601 admin. It loaded fine.
Dave,
As RMG pointed out, please make sure that you have the complete certificate chain within your WM setup:
1- Try adding the CA certificate first in the TN console
2- CA that issued this certificate must be trusted, i.e., in the trusted CA directory (this usually requires a re-start of wm server).
~tS
I took a while, but the resolution to this issue was the certificate serial number. Aparently, webMethods does some pretty extensive AS2 certificate validation through the entrust libraries that are built into Trading Networks. With the help of webMethods support, we found out that the trading partner’s certificate serial number was 00 00 00 01. According to the Drummond group’s AS2 certification, the leading-order values cannot be 00. The trading partner changed their certificate serial number to read 01 00 00 01 and it loaded into TN just fine.
Thanks for the update.it helps if anyone gone into similar kind of problem.