Skip to Content
0
Former Member
Mar 23, 2009 at 07:45 AM

HTTPS (SSL) Interface needs pubilc key certified by CA?

94 Views

Hello Colleagues!

We are working on a secure HTTPS (SSL) connection between an external

Client and our PI system. External System > PI ICM > PI SOAP Adapter.

Certificate configuration performed at Trast Manager (STRUSTSSO2).

During establish a local test connectivity via IE Browser we receive a

Security Popup Window with following information:

Revocation Information for the security certificate for this site is

not available. Do you want to proceed?

Under View Certificate you will see that the Certificate are not

trusted.

Text: This certificate cannot be verified up to a trusted certification

authority.

When I confirm the Security Alert Popup Window with Yes i get a second

Security Alert Popup Window with detail information's.

After confirm again with Yes test connectivity external client to PI

SOAP Adapter are successfully established.

Due to these manually confirmations automatic message processing aren't

possible.

From my point of view lies the root cause in the not trusted signed PI

Public Key.

Questions:

1. Do we have to trust our PI Public Key e.g. by VeriSign? (This wasn't performed up to now!)

2. Is a different option possible (without certified public key by CA/server self certified)?

Many thanks in advance!

Regards,

Jochen Schertel