Skip to Content
avatar image
Former Member

SAP Business One Certificate error

Hello all!

Out of nowhere upon opening B1 Client we get the message "There is a problem with the server's security certificate.

The Security certificate is not from a trysted certifying authority. SAP Business one is unable to connect to the server."

Logging from the server is successful without any problems, this only appears when trying to log in from a client, before even asking for credentials.

The users were working and it was noticed as one of them restarted their computer.

The ones who were still logged in were able to continue working.

The server was restarted in case it would have been helpful and all users now have the same problem. Still logging in B1 through remote desktop is possible.

What is this certificate mentioned? Why did it occur without any other problems? How can it be fixed?

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

9 Answers

  • Best Answer
    Jun 15, 2016 at 12:21 PM

    Hi Nikos,

    I just saw a similar issue posted here. In their case it appeared to due to a Windows 10 automatic update from yesterday:

    Are you running Windows 10 on the affected machines, or is Windows update set to update automatically ?

    Regards,

    Johan

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 16, 2016 at 03:32 PM

    My guess is that it seems like WIndows 10 no longer likes the weak certificate used by the SLD. Would replacing the certificate with a stronger one in the server work? Is that even possible?

    I tried adding the certificate provided by the server on port 30010 to the client's trusted certificates, but it still doesn't work.

    Add comment
    10|10000 characters needed characters exceeded

  • Jun 15, 2016 at 09:17 PM

    This solved my client's issue.  In Canada it was actually KB3163017.

    I did try a reinstall and it didn't have any effect.  Thanks!

    Mike

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 15, 2016 at 09:51 PM

    For us here in Panama it was KB3163018. After uninstalling it it worked.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 16, 2016 at 06:01 PM

    From Brazil reporting it also works well after uninstalling update KB3163018. Tks

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      What about trying to update the SLD certificate with a stronger one? Can anyone try this?

      How to generate and install a self-signed PKCS12 certificate for SLD of B1 90 or B1H 9.0 or higher version?,

      https://service.sap.com/sap/support/notes/2046101

      I don't have a test server with a running SAP B1, so I didn't have the courage to try it (and end up with an invalid certificate which won't work even without the windows update).

      I just tried to replace the pkcs12 keystore pointed to by

      C:\Program Files (x86)\SAP\SAP Business One ServerTools\System Landscape Directory\tomcat\conf\server.xml

      (at the entry keystoreFile="C:\Program Files (x86)\SAP\SAP Business One ServerTools\Common\sapjvm_6\jre\bin\keystore.p12")

      ...with a keystore I use which has a stronger certificate (I use it on my web/IM server), but it didn't work; it looks like either SLD has to be reinstalled to see the new keystore, or the procedures I linked above have to be used.

  • avatar image
    Former Member
    Jun 23, 2016 at 10:56 AM

    For those not subscribing to the other thread, Mingbo Wu, saviour of the universe, has posted a solution there:

    Add comment
    10|10000 characters needed characters exceeded

    • Hi

      If editing the server files are presenting too high a risk as posted by Mingbo Wu, you can run gpedit.msc on each pc or for your domain and do the following steps:

      1. gpedit.msc on START-RUN

      2. Expand Computer configuration

      3. Expand Administrative Template

      4. Network Network

      5. Expand SSL Configuration

      6. Enable SSL Cipher Order and copy (with thanks to MingBo!) his entry to the front of the Cipher Order.

      TIP add a comma to the existing and then copy this in front of the comma.

      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA

      7. Restart

  • Jun 16, 2016 at 02:17 PM

    From México reporting it also works well after uninstalling update KB3163018. Have a great day!

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 16, 2016 at 03:41 PM

    From Hungary reporting it also works well after uninstalling update KB3163018. Thanks!!!

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Aug 02, 2016 at 09:39 AM

    Hi Folks,

    I've had this error this morning on an Terminal Server 2012R2 after installing some Windows patches..

    After deleting the patches SAP Business One is working fine but now I can't install the security updates.. do any of you have an idea what I can do so installing windows updates won't give problems?

    Greetz,

    David

    Phylax ICT

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi David, Mingbo Wu's workaround worked for me (since then I've upgraded to 9.1 PL12, which does not present the issue, but I could install the windows updates and still work with 9.0 for about a month). See his workaround below: