Using Certification Authority (CA) certificates with CA XCOM for Windows

book

Article ID: 141840

calendar_today

Updated On:

Products

CA XCOM Data Transport CA XCOM Data Transport - Windows XCOM - SUPPORT

Issue/Introduction

I am trying to configure SSL communication on an XCOM server on Windows.

  • A certificate  was obtained from a Certification Authority (CA)
  • It was copied it to the "%XCOM_HOME%\ssl\certs" folder.
  • The certificate is issued by an intermediate CA. The intermediate CA certificate is, in turn, issued by a root CA.
  • The intermediate CA certificate was copied to the "%XCOM_HOME%\ssl\certs" folder
  • The "[CA] RECEIVE_SIDE" property in the configssl.cnf file points to this certificate.
  • It is possible to successfully connect to the XCOM server over SSL.
  • When trying to retrieve the certificate chain, only the server certificate and the intermediate CA certificate show up in the chain, while the root CA certificate doesn't.
  • This may prevent clients who only trust the root CA to be able to connect to the server. 

 

Environment

Release : 11.6  SP02

Component : CA XCOM Data Transport for Windows

Open SSL

Resolution

 Concatenate the intermediate CA and root CA certificates and put them under the [CA] heading.

The other certificates go under the [CERTIFICATE] heading.

Additional Information

For additional information please consult your your security admins.  We cannot configure your certificates.