- This topic has 2 replies, 2 voices, and was last updated 6 years, 4 months ago by .
Viewing 3 posts - 1 through 3 (of 3 total)
Viewing 3 posts - 1 through 3 (of 3 total)
- You must be logged in to reply to this topic.
Hello. I have installed WMS and I’m trying to add a certificate to it to replace the self-signed cert that comes with the initial install. I’ve created a PKCS12 certificate in the appropriate format and I’m attempting to load it using the Portal-Admin/Setup functionality but I’m getting an error “Can not verify CRL for certificate: CN=<server-fqdn>”. Looking at the log I see it’s failing to retrieve the CRL for the certificate, the reason is “[LDAP: error code 1 – 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 ]”.
I understand that Tomcat doesn’t support LDAP for CRLs. My certificate has other valid CRL distribution points but WMS doesn’t appear to be trying any of them.
Has anyone else come across this? I’ve been fighting with this for 2 days now and my grey hair is turning white!
Thanks, Andrew.
Are you able to skip this error message?
Typically this message occurs when WMS is not able to contact the CRL list.
CG
I was able to get it to work. The CRL CDP in the certificate wasn’t good so I rebuilt the CA to have valid CDP information.
One thing that I came across might trip others up. The trick is that where it asks for an “Apache Intermediate Certificate” it is really asking for the ROOT certificate (in Base-64 format).
Thanks for the assistance.
Andrew.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |