My Oracle Support Banner

Importing a CA cert on new install (5.50.093) fails to use the CA cert when running openssl command (Doc ID 2683554.1)

Last updated on JUNE 30, 2020

Applies to:

Oracle Secure Global Desktop - Version 5.5 and later
Information in this document applies to any platform.

Symptoms

On a new installation of SGD 5.50.093, the customer was attempting to install a CA certified SSL certificate. The import command appeared to work properly, however, the customer ran the openssl command which displayed the Oracle self-signed cert instead.

# /opt/SUNWsgdg/bin/gateway stop
# /opt/SUNWsgdg/bin/gateway sslkey import --keyfile server.key --certfile server.pem --cacertfile ca.pem
# /opt/SUNWsgdg/bin/gateway start

 

The following operation confirmed the success of import.

# /opt/SUNWsgdg/bin/gateway sslcert print
<correct info for newly installed cert>
.

.

However, the output of the openssl command indicates the Oracle self-signed cert


# openssl s_client -connect <example.com>:443 -showcerts
CONNECTED(00000003)
depth=0 C = US, ST = CA, O = "Oracle Corporation, Inc", CN = <custname>
verify error:num=18:self signed certificate

 

Changes

 New installation

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.