Skip to Content
0

Agentry certificate issue with smp server

Jan 25, 2017 at 12:26 PM

230

avatar image
Former Member

Hello Experts,

We have developed one Agentry application, App ID is generated on SMP server.After link applied on chrome browser Getting "I am here!" ,when the same link is applied on Agentry client, it giving certificate error.I have created certificates using Host name as well as IP address,After installation of these certificates alternatively still error is occurring.

Following are detail configuration which i am using :

1. SMP server : version 3.0.10.0.

2. SMP SDK : version 2.0.13.0 & 3.Agentry Client : version 70.13.4.68

Please suggest suitable help. Attaching screenshots. PFA. Thanks in Advance .Also please let me know if you require some more details about this issue.

Regards,

Pavan

agentry-issue.jpg (36.8 kB)
10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Bill Froelich
Jan 25, 2017 at 01:48 PM
0

The Agentry client needs to be able to trust the issuer of the server certificate. In this case it is telling you that the certificate received for COM-3 was not issued by a trusted authority. You will need to install the appropriate CA certificate(s) on your device so the client can validate the issuer.

Are you connecting directly to the SMP server or are you going through a load balancer or proxy?

Do you know if the certificate is self signed or issued by an internal CA or 3rd party CA?

Usually (especially with WPF clients) the easiest thing is to connect to the URL in Internet Explorer and then View the certificate received. IE will usually let you install it directly from there. You will need to store it in the Trusted Roots Certification Authorities catalog. Once you have installed it close all your IE instances and reconnect to the URL. You should not see any warnings about the certificate. Then try connecting from the WPF client.

--Bill

Show 3 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hello Bill,

I clicked the SAP Management Cockpit icon & it opened in IE,installed certificate from IE also attaching screenshot of it.The certificate of COM-3 is self signed. I have tried to make certificate with IP address as well as static IP & kept it in Trusted Root Certificates Authorities.I am directly connecting to SMP server .Please let me know if you need more details.

Installed certificates mentioned above.

Now getting new error "Requesting Public Key from Server Public Key Request Failed".

Regards,

Pavan

0

After installing the certificate you should close and reopen IE and connect again to the cockpit. If you still see a Certificate Error then something needs to be adjusted.

Are you on Win 10 AU? If so you may need to make sure your certificate is generated with SHA256 or higher as windows is now treating SHA1 certificates and non-existant (insecure).

--Bill

1
Former Member
Bill Froelich

Hello Bill ,

I am using Windows 8 pro . Is this OS related issue?

Regards,

Pavan

0
Subash Narayan
Jan 27, 2017 at 03:58 PM
0

Hi Pavan,

Please make sure you have the correct certificate installed. The location of the of the SMP Certificate is in the SMP/Server/Configuration folder . I have attached screen shot of the certificate location and to find out the name of the certificate.

Thanks

Subash Narayan

SAP Support Engineer


wyptw.png (310.6 kB)
Show 4 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hi Subash,

Now Certificate Error from IE gone, by closing & reopening of IE.

Now new error occurring, Please check below images.

Is still something missing ? Please let me know.

Regards,

Pavan

agentryclient.jpg (50.5 kB)
requestfailed.jpg (23.9 kB)
0
Former Member
Former Member

This looks to be a different issue now. Can you post the startup.log and events.log file from the server? You might be seeing this error: https://archive.sap.com/discussions/thread/3569444

0
Former Member
Former Member

Hello Stephan,

Sorry for late reply.Sending startup.log & events.log file for your consideration. Please check. I also tried as per mentioned in link & i am unable to identify from MachineKeys folder which one is required key of SMP server. Provided necessary authority to that folder, but didn't worked.

Regards,

Pavan

events-log.txt startup-log.txt

events-log.txt (7.2 kB)
startup-log.txt (3.8 kB)
0

When I have trouble identifying the file I will move everything to a temporary location and then startup the server so it generates as needed. Then move everything expect that name back to the folder.

--Bill

0