HTTPS Certificate configuration

raviusd · April 2, 2003, 2:35pm

We are trying to send outbound EDI transaction through HTTPS to one of our partners.

We are able to receive transactions from the partner but not able to deliver the document back to the partner.

The chainverifier failed error occurs when we try to deliver the document back to the partner.

We have configured the Certificate in the Integration folder:

Copied the partner CA cert to the trustedCA folder and the installed the clinet public key to the Integration server.

When we import the certificate the Issuer CN value is blank.

The CA cert of the partner , Verisign is defined by OU and not by CA so the field value of this field is empty.

we feel that there is problem identifying the certificate to the CA certificate.

Has anyone faced this problem.
Any advice and help on this appreciated.

jim.wilson.42003 · April 2, 2003, 6:45pm

It sounds like the steps you’ve taken so far correctly configured your partner’s certificate and CA so you can receive transactions but they have not yet done the same. Have you provided your public key and CA certificates to your partner and can you confirm they have installed them correctly? the chain verifier error on outbound transactions typically indicates that they do not have your CA cert installed correctly.

Regards,
Jim

raviusd · April 2, 2003, 8:37pm

We have exchnaged the public keys.

we are currently getting the following error while trying to deliver the EDI document:

java.io.IOException: iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier

Task 6orkjm00uh5c84t3000001fh failed with no more retries available. Reason for failure - java.io.IOException: iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier

We felt the problem is on our end as when we tried to install the partner certiicates in the integration server. we found that the “Issuer CA” for the partner was null.

The CA certificate does not have a CN value but has only the OU value.
Is there a problem for the IS server to identify the Certificate with the CA cert.

rapparaju · April 2, 2003, 9:21pm

Try to give the certicate directory information also in the TNConsole Security tab of your enterprise and may be in the Partner profile section also to whom you are delivering back the document (tradingpartner).

HTH.