In this scenario, we have the following:

- Some users trying to open Webapp from a external network (behind a NAT firewall). It does not work.

- Other users opening WebApp from the LAN. It works normally.

- However, the remote users will be able to use WebApp if a someone in the LAN network already has opened a WebApp session.

Looking at Oneclick tomcat log file, we can see the following:

-----------------------
     
Jan 13, 2023 13:05:53.596 (https-jsse-nio-443-exec-23) - IOException while connecting to webapp, URL : https://xxx.xxx.xxx.xxx:9443/spectrum ,Msg : connect timed out

Jan 13, 2023 13:05:53.596 (https-jsse-nio-443-exec-23) - Trying with localhost

Jan 13, 2023 13:05:53.606 (https-jsse-nio-443-exec-23) - IOException while connecting to webapp, URL : https://localhost:9443/spectrum ,Msg : connect timed out

javax.net.ssl.SSLException: Certificate Not Valid

-----------------------

Release : Any supported version.

Expired certificate in use.

Customer has confirmed that the certificate was expired. So after using a new generated certificate, the problem was solved.

In addition, customer has confirmed the following:

- The users in the internal network were using Google chrome version 73.0, which works with an expired certificate;

- The users in the external network were using Google chrome version 109.0, which does not work with an expired certificate;