My Oracle Support Banner

Importing a CA cert on new install (5.50.093) fails to use the CA cert when running openssl command (Doc ID 2683554.1)

Last updated on NOVEMBER 21, 2023

Applies to:

Oracle Secure Global Desktop - Version 5.5 and later
Information in this document applies to any platform.


On a new installation of SGD 5.50.093, the customer was attempting to install a CA certified SSL certificate. The import command appeared to work properly, however, the customer ran the openssl command which displayed the Oracle self-signed cert instead.

# /opt/SUNWsgdg/bin/gateway stop
# /opt/SUNWsgdg/bin/gateway sslkey import --keyfile server.key --certfile server.pem --cacertfile ca.pem
# /opt/SUNWsgdg/bin/gateway start


The following operation confirmed the success of import.

# /opt/SUNWsgdg/bin/gateway sslcert print
<correct info for newly installed cert>


However, the output of the openssl command indicates the Oracle self-signed cert

# openssl s_client -connect <>:443 -showcerts
depth=0 C = US, ST = CA, O = "Oracle Corporation, Inc", CN = <custname>
verify error:num=18:self signed certificate



 New installation


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.