cancel
Showing results for 
Search instead for 
Did you mean: 

Certificate error when accessing Portal

Former Member
0 Kudos

When accessing the Portal , we are getting a specific certificate error as below:

"The security certificate presented by this website was not issued by a trusted certificate authority".

None of the certificates in the key store of the portal have expired.

ValiCert Class 3 Policy Validation Authority is the root certificate being used.

When I searched on the Service market place, I could not find any Notes pertaining to this specific Root certificate.

Is this Root certificate at First place being supported by SAP?

If yes, is there any specific chaining order to be used for importing of certificates in to the key store if there are intermediate certificates being used?

Thanks in advance.

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
0 Kudos

Hi All,

The issue has been resolved by the proper chaining of certificates and loading the certificates in correct manner into the key store.

Regards,

Murali Narayanan

Former Member
0 Kudos

Hi Murali,

I am facing the same issue. Could you please explain how your problem gets to be resolved by the proper chaining of certificates and loading the certificates in correct manner into the key store in detail? Thanks.

Regards,

Lydia Lin

Edited by: Lydia Lin on Jul 20, 2010 11:55 PM

Sunslayer86
Explorer
0 Kudos

I am in the process of renewing an Entrust certificate and am recieving the below error.

"The security certificate presented by this website was not issued by a trusted certificate authority".

I have a feeling that it may have the do with the 2048 bit length of the cert or possible the way I imported the new chain certificate.

Did you solve the problem? Any Ideas?

Former Member
0 Kudos

Thanks for your response.

I have still not resolved the issue pertaining to the certificate error when accessing the Portal.

Even I have the feeling that the issue is to do with the way the certificates are being imported as a chain into the Portal key store.

But, there is no SAP Note which gives details on how the chaining of certificates has to be carried out for Valicert Certificate.

Regards,

Murali Narayanan

Former Member
0 Kudos

Hi Murali,

I had same issue before regarding the certificates.

Please try to use Verisign certificate to remove the error message related to valid certificates.

Verisign provides a test certificate you can try fro 30 days.

Please revert back if you have more questions.

Kind Regards,

Vamsi.

Former Member
0 Kudos

Thanks for your response.

I shall have to stick to Valicert certificates only.

Do you have any documentation corresponding to Chaining mechanism by which the Intermediate certificates may be imported when Valicert Certificates are used as Root Certificates.

Regards,

Murali Narayanan

Former Member
0 Kudos

Does anyone have any suggestions for the issue I am facing.

Regards,

Murali Narayanan

cris_hansen
Advisor
Advisor
0 Kudos

Hi Murali,

Have you checked for error messages in the Portal traces?

Best regards,

Cristiano

former_member227283
Active Contributor
0 Kudos

Hi Murli,

More over on this certificate authority from whom you have purchase the certificate can help you to solve this problem.

It seems not an sap problem.

Thanks

Anil

Former Member
0 Kudos

Thanks for your reply !

My expectations for posting this query is for understanding the Chaining mechanism to be used when you have say, a root certificate and some intermediate certificates which is what is the case for me as well.

So, how do we import these certificates into the key store of the SAP portal ?

This definitely seems to be an issue from the portal end as when the certificate is added to the browser as also mentioned in one of the posts, the issue gets resolved.So, if the issue was with the root certificate, adding of the appropriate certificate to the browser would not have prevented the warning from appearing.

So, it is clearly a case of how do we import 1) A root certificate 2) two intermediate certificates 3) one certificate , so that chaining mechanism of the root, intermediate and subsequent certificates is always in tact.

Please let me know your opinions on how do we import these 4 certificates to the key store of the SAP portal so that chaining mechanism remains in tact for the case of "ValiCert Class 3 Policy Validation Authority" as the root certificate.

Thanks for all your responses !

Edited by: Murali Narayanan on Jan 25, 2010 3:26 PM

Edited by: Murali Narayanan on Jan 25, 2010 3:27 PM

Former Member
0 Kudos

Hi, Murali!

I believe the problem is that workstation you use for portal access doesn't trust the certificate authority which have signed the portal's certificate. follow [this|http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=feature-18875html&sliceId=&docTypeID=DT_ARTICLES_TIPS_1_1&dialogID=37151931&stateId=0%200%2037153889] to undarstand how this issue could be resolved

Former Member
0 Kudos

Thanks for replying !

Yes, you are right in posting the fact that the same can be avoided by adding the appropriate certificates in the browser.

I have already tried this and am able to avoid this error message when adding the appropriate certificate to my browser.

But, three important things need to be considered here like,

1) If there are large number of users for whom this is affecting, then the same cannot be carried out in the workstation of all these number of users.

2) There must be a specific reason why this is occuring despite of the fact that all the certificates(Root, Intermediate) are in validity only.

3) Based on my search on the Service market place, I had not found even a single valid reference for Root certificate "ValiCert Class 3 Policy Validation Authority".

Hence, I am just wondering if it is more because of the way in which the Root and Intermediate certificates are bundled together before being imported to the Key store.

Thanks in advance for your viewpoints on this !

Edited by: Murali Narayanan on Jan 25, 2010 12:25 PM

Former Member
0 Kudos

If there are large number of users for whom this is affecting, then the same cannot be carried out in the workstation of all these number of users

For intranet:

You can push root certificate to users workstations if you use AD. We are on Novell eDirectory, so we've carried this out via logon scripts. You can find registry key responsible for this root certificat and import it in user's ws when user log on performed

Edited by: Ivan O. Ivanov on Jan 26, 2010 10:22 AM

Former Member
0 Kudos

Thanks for your suggestions !

Requesting you to please suggest solutions based on the chaining mechanism of certificates during importing into the portal.

The pushing of certificates to all the individual workstations is not feasible in my case.

Requesting you to please suggest solutions based on the chaining mechanism of the certificates as i still feel that there must be a specific method by which the root, intermediate and other certificates need to be imported into the portal as a chain so as to avoid this error message.

Regards,

Murali Narayanan