Using Certification Authority (CA) certificates with CA XCOM for Windows

book

Article ID: 141840

calendar_today

Updated On:

Products

CA XCOM Data Transport CA XCOM Data Transport - Windows XCOM - SUPPORT

Issue/Introduction

I am trying to configure SSL communication on an XCOM server on Windows. I have obtained a certificate from a Certification Authority (CA), and copied it to the "%XCOM_HOME%\ssl\certs" folder. The certificate is issued by an intermediate CA. The intermediate CA certificate is, in turn, issued by a root CA. I have copied the intermediate CA certificate to the "%XCOM_HOME%\ssl\certs" folder, and set the "[CA] RECEIVE_SIDE" property in the configssl.cnf file to point at this certificate. However, I see no place in the configssl.cnf file where I can point at the root CA certificate. I can successfully connect to the XCOM server over SSL. However, when I try to retrieve the certificate chain, only the server certificate and the intermediate CA certificate show up in the chain, while the root CA certificate doesn't. This may prevent clients who only trust the root CA to be able to connect to the server. Please advise.

 

Environment

Release : 11.6  SP02

Component : CA XCOM Data Transport for Windows

Open SSL

Resolution

 Concatenate the  intermediate CA and root CA certificates and put them under the [CA] heading.

The other certificates go under the [CERTIFICATE] heading.

Additional Information

For additional information please consult your your security admins.  We cannot configure your certificates.