I’d like to ask you regarding CA Certificate Directory setting.
In the help, it says… If you want the server to trust no certificate authorities, be sure to set the watt.security.cert.wmChainVerifier.trustByDefault property to False and leave this field blank.
I tried not to set it to False and just leave the CA Certificate Directory field blank or wrong directory.
- watt.security.cert.wmChainVerifier.trustByDefault=true in server.cnf - CA Certificate Directory : unspecified in Security > Certificates
The server seems not to trust certificate authorities as well.
Nevertheless, do I have to set watt.security.cert.wmChainVerifier.trustByDefault property to False?
I have exactly the same problem (IS 6.5, SP3), it´s included in the following thread: [URL=“wmusers.com”]wmusers.com
I´ve reproduced it by letting the IS be both the client and the server.
Basically, what I did was: -Ceate a self sign certificate -Define a port using https as the transport protocol, point out the self signed certificate here -invoke a service (on the IS) using SSL and see if the IS trusts the server certificate).
I had the following settings: watt.security.ssl.client.ignoreEmptyAuthoritiesList=true watt.security.ssl.ignoreExpiredChains=true watt.security.cert.wmChainVerifier.trustByDefault=true
