This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- FlexNet Connect
- :
- FlexNet Connect Forum
- :
- Installing FNC 11.6 using SSL
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Sep 23, 2009
05:38 PM
Installing FNC 11.6 using SSL
Hello, I am in the process of installing version 11.6 of FLEXnet Connect on a production server and wanted to use SSL. I had my company purchase a certificate from a CA and I created my own .jks file based on some information I got from the net. However, after installing FNC 11.6 using SSL and the .jks I can't connect to the Publisher site.
I was wondering if anybody had done this before? If so, would you have detailed instructions on how to create the .jks file and any other tricks you might have used to get this to work properly? The FLEXnet Connect 11.6 Deployment Guide simply says "Note: Details on the creation and installation of JKS certificates are outside the scope of this document. For details about JKS certificates, consult you application server, web server, or J2EE documentation." Boy, that's a big help!
Thanks in advance for any advice!
Tim
I was wondering if anybody had done this before? If so, would you have detailed instructions on how to create the .jks file and any other tricks you might have used to get this to work properly? The FLEXnet Connect 11.6 Deployment Guide simply says "Note: Details on the creation and installation of JKS certificates are outside the scope of this document. For details about JKS certificates, consult you application server, web server, or J2EE documentation." Boy, that's a big help!
Thanks in advance for any advice!
Tim
(6) Replies
Not applicable
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Sep 24, 2009
10:49 AM
I'm not really versed when it comes to troubleshooting the use of SSL certificates. I know we've had several customers get the SSL certs running with their server, but the configuration can be a little rough.
If you have a chance, I would suggest contacting support at 847-413-2896 and explaining your scenario. A lot of times the support people have gone through this enough times that they can help guide you through getting this stuff working.
If you have a chance, I would suggest contacting support at 847-413-2896 and explaining your scenario. A lot of times the support people have gone through this enough times that they can help guide you through getting this stuff working.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Sep 24, 2009
02:30 PM
Hi Bryan, I have already contacted support and have an opent ticket for this. The engineer I am working with is still researching it. That tells me Acresso does not have a lot of customers either using FNC period, or using FNC with SSL. It is beyond appalling that there isn't even a how to article or something in the Acresso Knowledge Base. I have spent 1 and 1/2 days researching this on the Internet before I was able to resolve it on my own.
Not exactly the kind of experience I was expecting to have installing this expensive product!
Tim
Not exactly the kind of experience I was expecting to have installing this expensive product!
Tim
Not applicable
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Sep 25, 2009
08:53 AM
TimStVCS wrote:
Hi Bryan, I have already contacted support and have an opent ticket for this. The engineer I am working with is still researching it. That tells me Acresso does not have a lot of customers either using FNC period, or using FNC with SSL. It is beyond appalling that there isn't even a how to article or something in the Acresso Knowledge Base. I have spent 1 and 1/2 days researching this on the Internet before I was able to resolve it on my own.
Not exactly the kind of experience I was expecting to have installing this expensive product!
Tim
I'm glad to hear you were able to solve it on your own, but sorry that our support engineer was unable to help you. We don't yet have a lot of customers using the SSL/HTTPS style of traffic, though I would expect long-term that's a direction more of our customers will go. ( note: HTTPS isn't a new feature of FNC but many sites generally haven't had as strict of security requirements as they may want to have in the future. My own personal opinion is that HTTPS is a pretty core bit of ESD and so-forth, but that's not really related to whether customers choose to use the feature. Obviously we put in place communication checks that are done whether or not a user is taking advantage of secure traffic. ).
I'll flag this to our documentation/support teams so that they can look at improving this area of the product for future reference.
Sorry for any inconvenience this may have caused.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Sep 25, 2009
10:06 AM
Good morning Bryan, thanks for the reply. I am still having difficulty. As it turns out, I still must have some issues with the .jsk that I created because I get a certificate error warning when I go to the FNC publisher site. I can manually choose the link to continue on to the website despite the warning, but programmatically speaking, the WPF application that I wrote to process the notifications and messages cannot connect to the notification server. I am assuming it is because of the certificate error?
Anyway, I am working with our CA and going to generate a whole new .jsk to see if that corrects the problems. I don't mean to be so critical of FNC, in-fact I am a champion for Acresso and FNC and InstallShield and believe in your products. I made the buy recommendation at the company where I work for all of the Acresso products that we use. Anyway, it just seemed rather unfair and unfortunate that there was virtually no help from Acresso with regards to this issue. The company that I work for is an ISV and we sell Enterprise Software which works with MS SQL Server. To me, the lack of support by Acresso for a piece of the product that is required in order to make FNC work correctly would be like my company giving new customers the installation CD-ROM and saying "good luck" we require SQL Server as our back end database but you are on your own when it comes to installing and configuring it. Obviously, this is not how my company operates, for if it was we wouldn't be in business much longer.
Tim
Anyway, I am working with our CA and going to generate a whole new .jsk to see if that corrects the problems. I don't mean to be so critical of FNC, in-fact I am a champion for Acresso and FNC and InstallShield and believe in your products. I made the buy recommendation at the company where I work for all of the Acresso products that we use. Anyway, it just seemed rather unfair and unfortunate that there was virtually no help from Acresso with regards to this issue. The company that I work for is an ISV and we sell Enterprise Software which works with MS SQL Server. To me, the lack of support by Acresso for a piece of the product that is required in order to make FNC work correctly would be like my company giving new customers the installation CD-ROM and saying "good luck" we require SQL Server as our back end database but you are on your own when it comes to installing and configuring it. Obviously, this is not how my company operates, for if it was we wouldn't be in business much longer.
Tim
Not applicable
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Sep 29, 2009
09:08 AM
Yeah, the issue you're encountering is because of some form of problem with the certificate - often times this can occur if the root authority isn't trusted or installed on the target box or, in some situations, can happen when the certificate itself is lacking some piece.
Unfortunately, I'm not as familiar with the jks certificate store's internal workings as much as I am with others ( my focus is more on the Windows side of things 🙂 ) so I'm not as sure on how to best verify the integrity of the cert. I'm sure a search could yield more information there.
edit: this looks like it might be relevant to your case if you're using a GoDaddy cert: http://forums.sun.com/thread.jspa?threadID=5408686&tstart=1
Unfortunately, I'm not as familiar with the jks certificate store's internal workings as much as I am with others ( my focus is more on the Windows side of things 🙂 ) so I'm not as sure on how to best verify the integrity of the cert. I'm sure a search could yield more information there.
edit: this looks like it might be relevant to your case if you're using a GoDaddy cert: http://forums.sun.com/thread.jspa?threadID=5408686&tstart=1
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Sep 29, 2009
11:12 AM
Thanks for the post Bryan. As it turns out I believe it was basically the fact that Acresso Support told me to enter the external IP address on the dialog box titled "Configure IP Address for Tomcat Notification Server". As it turns out, at least in our situation that was wrong and it should have been the internal IP address. There were probably also mistakes made on my part when it came to generating and installing the .jsk that took me quite a while to figure out and correct. These things combined led to the difficulties that I encountered.
Anyway, all is well and up and running. I would still like to see some documentation or KB articles from Acresso regarding the generation and installation of the .jsk since it is such an integral piece of the pie.
Tim
Anyway, all is well and up and running. I would still like to see some documentation or KB articles from Acresso regarding the generation and installation of the .jsk since it is such an integral piece of the pie.
Tim