Skip to Content

Error 14 - SSL Signature verification failure – Agentry

Hello Experts,

I am getting following error 'Error 14 - SSL Signature verification failure – Agentry'.

It works fine on Windows(Agentry client) , this problem is on Android device.

I referred this Note 1834619 , it says try to re-install Agentry client but still it has same issue.

Regards

Manish

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

5 Answers

  • avatar image
    Former Member
    Jan 16, 2015 at 03:28 PM

    Hi Manish,

    we hade the same problem. The Android Certificate need a special value in it and fixed it with this:

    First step is to reconstruct the PEM CA certificate:

    Create a text file called Android.txt containing this single line:  basicConstraints=CA:true

    Then issue this openssl command:

    openssl x509 -days 3650 -in server-cert.pem -signkey server-key.pem -extfile android.txt -out server-cert.pem.crt

    Second step is to convert the PEM (ASCII) certificate to DER (Binary) format.

    Do this by issuing this command:

    openssl x509 -inform PEM -outform DER -in server-cert.pem.crt -out AgentryTrustedCertificate.der.crt

    You will now have a new client certificate called CAcert.der.crt, which can be imported into the Android certificate store.


    Try it out!

    André

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Manish Meshram

      The Android.txt file should be in the same place where the openssl.exe file is (/bin directory from the openSSL installation path).

      Best Regards,

      André

  • Jan 16, 2015 at 01:52 PM

    Manish,

    What version of the Android Agentry client are you using?

    If you are using SMP3 (Agentry 7.0.x) you will also need to install the necessary certificate on the Android device.

    --Bill

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 16, 2015 at 03:49 PM

    Hi Bill and Andre,

    I installed the certificate but still it gives same error.

    Regards

    Manish

    Add comment
    10|10000 characters needed characters exceeded

    • Thanks Bill for the information.

      How do we mitigate this issue, i am using SMP certificate ,

      it works on windows client from other machine but not on android device we are using.

      Regards

      Manish

  • avatar image
    Former Member
    Jan 20, 2015 at 07:48 AM

    Hi Manish,

    do you see in the SMP Log Files what error the Server produce?

    Maybe it depends on the server connection fro the android client. Can you reach the SMP Server from the android device?

    André

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Sep 01, 2015 at 12:40 PM

    Hi Manish,

    Proxy of NGINX will use .key and .cer file for verification. you should not use .cer file directly into mobile device

    Step1: Create a text file called Android.txt containing this single line:  basicConstraints=CA:true

    Step2: Rename .key to .pem and .cer to .pem [like server.key to server.pem]

    Step3: Navigate to openssl path in command line[]

    Step4: Execute command

              openssl x509 -days 3650 -in server-cert.pem -signkey server-key.pem -extfile android.txt -out server-cert.pem.crt

    Step5: you will get server-cert.pem.crt file. execute another command

                   openssl x509 -inform PEM -outform DER -in server-cert.pem.crt -out AgentryTrustedCertificate.crt


    Step6: Now you could use AgentryTrustedCertificate.crt to mobile certificate. it will come under trustedcertificate->users tab in android device

    Thank you

    Regards,

    Sathriyan

    Add comment
    10|10000 characters needed characters exceeded