- Product Version:
- Problem Description:
- Cause:
- The SSL certificate installed on the ServosityOBS server is found to be invalid
- The SSL certificate installed on theServosityOBS server has expired
- The SSL certificate installed on the ServosityOBS server is a self-signed certificate
- The SSL certificate installed on the ServosityOBS server is not signed by a Java trusted root Certificate Authority
- A Wildcard SSL certificate has been installed on the ServosityOBS server (applies toServosityPro/Servosity Standard version prior to 5.2.7.0 only)
- The hostname setting on the ServosityOBM console does not match up with the hostname which the SSL certificate is issued to
- ServosityPro is installed on an OS platform that is bundled with an older versions of Java
- Resolution:
ServosityStandard: Post-5.2.6.3
ServosityPro: Post-5.2.6.3
OS: All platforms
ServosityPro: Post-5.2.6.3
OS: All platforms
ServosityPro/ServosityStandard cannot connect to an ServosityOBS server via the HTTPS protocol. Upon further investigation, backup job that is scheduled to be run is also not running.
A security patch has been introduced in ServositPro/Servosity Standard version 5.2.6.3 to assure that the SSL certificate be validated.
Thus, if the HTTPS protocol is selected, and one of the following condition is met. The connection to the corresponding ServosityOBS server will not be allowed:
Since the cacerts file (located in %JAVA_PATH%/lib/security) has not been updated with the current list of Certificate Authority (CA), hence a newer CA's may not have existed when these versions of Java were released.
Thus, if the HTTPS protocol is selected, and one of the following condition is met. The connection to the corresponding ServosityOBS server will not be allowed:
Since the cacerts file (located in %JAVA_PATH%/lib/security) has not been updated with the current list of Certificate Authority (CA), hence a newer CA's may not have existed when these versions of Java were released.
Please connect to theServosityOBS server using the server hostname instead of server IP.
Ensure that the SSL certificate installed on theServosityOBS server is valid, and not expired.
Verify if the backup server hostname entered on the ServosityPro console does match up with the hostname which the SSL certificate is issued to. Please pay close attention to the case of the hostname, as the setting is case sensitive.
In the cases where the SSL certificate installed is a self-signed certificate, please update the cacerts file on the affected machine to resolve the issue. The instructions can be found by LINKTO:FAQ: How do I import a self-signed certificate to a keystore cacerts file?
In the cases where the SSL certificate installed on the AhsayOBS server is not signed by a Java trusted root Certificate Authority, please update the cacerts file on the affected machine to resolve the issue. The instructions can be found by LINKTO:FAQ: How do I add a Certification Authority to Java's keystore cacerts file?
In the cases where a Wildcard SSL certificate has been installed on the ServosityOBS server, please patch theServosityPro/ServosityStandard software to the latest hot-fix release. The instruction can be found by LINKTO: FAQ: How to install the latest patch set or hotfixes to ServosityPro or
SevosityStandard?
In the cases whereServosityPro is installed on an OS platform which utilize an older versions of Java, please follow the instructions as follow:
1. Download the updated cacerts file
2. Stop theServosityPro scheduler and AUA services
3. Rename the current %JAVA_PATH%/lib/security/cacerts file to %JAVA_PATH%/lib/security/cacerts.old
4. Extract the download cacerts file to the %JAVA_PATH%/lib/security directory
Ensure that the SSL certificate installed on theServosityOBS server is valid, and not expired.
Verify if the backup server hostname entered on the ServosityPro console does match up with the hostname which the SSL certificate is issued to. Please pay close attention to the case of the hostname, as the setting is case sensitive.
In the cases where the SSL certificate installed is a self-signed certificate, please update the cacerts file on the affected machine to resolve the issue. The instructions can be found by LINKTO:FAQ: How do I import a self-signed certificate to a keystore cacerts file?
In the cases where the SSL certificate installed on the AhsayOBS server is not signed by a Java trusted root Certificate Authority, please update the cacerts file on the affected machine to resolve the issue. The instructions can be found by LINKTO:FAQ: How do I add a Certification Authority to Java's keystore cacerts file?
In the cases where a Wildcard SSL certificate has been installed on the ServosityOBS server, please patch theServosityPro/ServosityStandard software to the latest hot-fix release. The instruction can be found by LINKTO: FAQ: How to install the latest patch set or hotfixes to ServosityPro or
SevosityStandard?
In the cases whereServosityPro is installed on an OS platform which utilize an older versions of Java, please follow the instructions as follow:
1. Download the updated cacerts file
2. Stop theServosityPro scheduler and AUA services
3. Rename the current %JAVA_PATH%/lib/security/cacerts file to %JAVA_PATH%/lib/security/cacerts.old
4. Extract the download cacerts file to the %JAVA_PATH%/lib/security directory