search cancel

DevTest - SSL Certificate expired, new certificate give error

book

Article ID: 203004

calendar_today

Updated On:

Products

CA Cloud Test Mobile CA Application Test

Issue/Introduction

When Certificate expired, created a new one and deployed but the new certificate is not being recognized.  The old, expired cert allows the app to come up but the new certificate is not recognized.  Not sure why the application won't consume the new certificate.  All certificates have been created in the same manner.  

The Error thrown is: 'ERR_SSL_VERSION_OR_CIPHER_MISMATCH'

Environment

Release : 10.2

Component : CA Service Virtualization

Resolution

The issue was initially that the SSL certificate had expired. The problem ran into was the way the new certificate was imported (TrustedCertEntry) instead of a PrivateKeyEntry. To correct the issue the Security team had to generate a new Certificate/Key and import them into the keystore and use it.

Note: During this process, need to clean up the keystore and remove all the other imported certificates(TrustedCertEntry) attempts that were still hanging around in the keystore.