SSL Self-Signed Certificate Invalid

Hi All,

I’m trying to configure SSL on a gateway using the in-built self-signed certificate generator. After installing the certificates I can access the gateway homepage, however I cannot start a designer session from a remote machine (Windows 10 laptop). I can locate the gateway and attempt to add the certificate:

But I receive the following error when trusting the certificate:

I’ve manually added the certificate to the client launcher and used the instructions from the post below to add the certificate to Microsoft Management Console (I exported the certificates from Chrome).

Gateway Details
Version: 8.0.13
Client launcher: 1.0.13
OS: CentOS

Any help would be greatly appreciated - Thanks

I get exactly this error in OpenSuse 15.1 on 8.0.14
The post link above works for our self-signed certificate in Windows. The designer can edit views now (no certificate error).
But am having trouble with designer running on OpenSuse 15.1 (and Ubuntu). The view editor will not open the perspective view for editing. says “ERR_CERT_INVALID”
I’ve added the certificate to the /etc/ssl/certs/ directory (Suse) and performed sudo update-ca-certificates but with no success as to editing views in the designer.
The cert I added was exported from the browser from our gateway designer-launchers page as a .crt file instead of a .pem file. Everything else in /etc/ssl/certs is a .pem file.
Anyone else have success in Suse or Ubuntu?

I too am on OpenSuse 15.1 but on 8.0.15. The error is now more descriptive but it still doesn’t work. Did you come up with a solution?
SSL Error

It looks like you are attempting to connect to the gateway using an address which doesn’t match the Common Name or any of the Subject Alternative Names on the certificate thats installed on the gateway. You should try to use the URL in the launcher that matches one of these certificate fields. I would also recommend looking at the Public Address Settings on the gateway which may help alleviate some of these issues since the launcher will be redirected to this address (which should be set to the same as the cert)

1 Like