May need to cross-certify

hcl-bot · October 2, 2014, 1:55am

Hi,

We have a website that is pretty much a front page and it sends information to another website, everything is secured by SSL. www.websiteA.com to www.websiteB.com

The certificate in www.websiteB.com was replaced with a new one from a different vendor. and now our application in www.websiteA.com is spitting out error everytime connecting to www.websiteB.com:

“Error connecting to ‘www.websiteB.com’ on port ‘443’, SSL invalid certificate, may need to cross-certify.”

I have downloaded the certificate from www.websiteB.com then went to domino directory to import the certificates (internet certificate) including the intermediate and trusted root, but the error still coming up. I then created cross certificate based on the intermediate and trusted root, but the error still coming up

We are running Domino 9.0.1 in www.websiteA.com and IIS in www.websiteB.com

Any help?

hcl-bot · October 3, 2014, 1:24am

Subject: Insert to keyring

I am answering my own question here.

Turns out I needed to insert the intermediate and trusted root certificate from the new vendor in to the keyring.

hcl-bot · October 3, 2014, 12:13pm

Subject: here’s a TN with the KYR import steps

https://www.ibm.com/support/docview.wss?uid=swg21449281 https://www.ibm.com/support/docview.wss?uid=swg21449281