[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Certificate is not signed by a trusted certificate authority

From: "Kox, Herman" <Herman.Kox@xxxxxxxxx>
To: <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Certificate is not signed by a trusted certificate authority
Date: Thu, 17 Sep 2009 21:26:42 +0200

   Hi Scott,


   We are communicating for about 5 years without any problem with UPS
   using the SSL open software.


   For the second time this year we get a Certificate is not signed by a
   trusted certificate authority on our iSeries system. On the server
   from UPS they get


   . [Tue Sep 08 10:00:53 2009] [info] SSL library error 1 in handshake
   (server [1]www.pld.ups.com:443, client 213.194.32.13)

   [Tue Sep 08 10:00:53 2009] [info] SSL Library Error: 336151574
   error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate
   unknown


   [Wed Sep 09 09:05:33 2009] [info] SSL library error 1 in handshake
   (server [2]www.pld.ups.com:443, client 213.194.32.13)

   [Wed Sep 09 09:05:33 2009] [info] SSL Library Error: 336151574
   error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate
   unknown



   Without changing anything at our site, all errors are solved and
   everything was running again. The only thing we did was stating a VPN
   server and an iSeries IPL.


   We investigate what was going on and it seems to be that our
   certificate (Verisign) is expired for about 1 year. We try to renew it
   but for some reason we could not update the certificate store because
   of mismatch password.


   Certificate store password is not valid. Verify that you are using the
   correct password. Passwords are case sensitive. The system
   administrator may have changed the password.


   So I have 2 questions.


    1. Why does the UPS server first report an error and then after a
       while (3 days) he continues without any problem.
    2. How can we renew and update the certificate store without having
       problems with the password.



   Many thanks


   Herman Kox




   Disclaimer
   Dit bericht met eventuele bijlagen is vertrouwelijk en uitsluitend
   bestemd voor de geadresseerde. Indien u niet de bedoelde ontvanger
   bent, wordt u verzocht de afzender te waarschuwen en dit bericht met
   eventuele bijlagen direct te verwijderen en/of te vernietigen. Het is
   niet toegestaan dit bericht en eventuele bijlagen te vermenigvuldigen,
   door te sturen, openbaar te maken, op te slaan of op andere wijze te
   gebruiken. Ordina N.V. en/of haar groepsmaatschappijen accepteren geen
   verantwoordelijkheid of aansprakelijkheid voor schade die voortvloeit
   uit de inhoud en/of de verzending van dit bericht.
   This e-mail and any attachments are confidential and are solely
   intended for the addressee. If you are not the intended recipient,
   please notify the sender and delete and/or destroy this message and
   any attachments immediately. It is prohibited to copy, to distribute,
   to disclose or to use this e-mail and any attachments in any other
   way. Ordina N.V. and/or its group companies do not accept any
   responsibility nor liability for any damage resulting from the content
   of and/or the transmission of this message.

References

   1. http://www.pld.ups.com:443/
   2. http://www.pld.ups.com:443/

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Prev by Date: Re: Certicate question
Next by Date: Help with request
Previous by thread: Re: Certicate question
Next by thread: Help with request
Index(es):
- Date
- Thread