Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

The public Key certifcate retrieved from server (------) is not recognized as originating from

Kais_Khelif_179
Level 2
Level 2

Hi there,

We are using SSL for adminui and everything is working fine. I tried to use SSL for workbench and changed the profile setting in the connection to use protocol "Simple Object Access Protocol (SOAP/HTTs) with Server Port Number:8443 and I did add the certificate to the store per documentation and am still getting the error "The public key certificate retrieved from server (--------) is not recognized as originating from a trusted source. Check with your system administrator for instructions on configuring Workbench to accept this certificate.

Thanks

Workbench ES3

0 Replies
Kais_Khelif_179
Level 2
Level 2

I did that doc word for word (Even several times) and workbench is not allowing me to connect from my workstation but it works using HTTPS on the server itself.

Thanks

WASIL
Employee
Employee

Point to be noted : Ensure that you connect to HTTPS by using the name that is specified in the certificate. This name is typically the fully qualified host name.

Kais_Khelif_179
Level 2
Level 2

The name specified in the cert is the host name only and not the full qualified domain name. Does it really have to be the FQDN instead.?

WASIL
Employee
Employee

In server settings(Workbench), you should provide the hostname as there in your certificate(i.e. hostname + domain).

Kais_Khelif_179
Level 2
Level 2

Everything matches. Cert is hostname and the server settings(Workbench) is hostname as well.

WASIL
Employee
Employee

Check whether certificate has been imported inside cacerts keystore successfully, use keytool -list -keystore <Path to cacerts> | more

Kais_Khelif_179
Level 2
Level 2

it looks like it did.

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 1 entry

ServerName, Jun 5, 2013, trustedCertEntry,

Certificate fingerprint (MD5): (Entry)

WASIL
Employee
Employee

Could u plz confirm the path to cacerts ? Bcz there are many trusted certificate already present by default but u have only one entry !!

Kais_Khelif_179
Level 2
Level 2

E:\Program Files (x86)\Adobe LiveCycle Workbench ES3\workbench\jre\lib\security

Kais_Khelif_179
Level 2
Level 2

Does it matter whether the certifcate is for HOST name and the FQDN?

Thanks

Kais_Khelif_179
Level 2
Level 2

I already did that and still doesn't work. Thanks

manpreet_bhatia
Level 1
Level 1

Hi,

You can try the below steps if you are using jBoss app server.

1.Open the secured adminui url (https://localhost:8443/adminui/) in the browser (ie explorer) .

2.It will give you the certificate error. Import that certificate by going to detail tab -> copy to file-> next-> select option DER encoded binary x.509 .cer

3. Save the above cert file to your local machine where workbench is installed.

4.Now run the below command

5.keytool -import -file “path of the above cert file on your machine including the cert name" -keystore "C:\Program Files (x86)\Adobe LiveCycle Workbench ES4\workbench\jre\lib\security\cacerts"

6.it will ask for password , which is changeit

7.it will ask if you trust this certificate , type Y then enter

8.Now your secured https certificate is imported to the cacerts file present in the security folder of workbench.

9.Restart the workbench, and before logging , configure the workbench login portal by providing below details

a)Hostname: localhost

b)Protocol : select the secured one (soap/https)

c)Port number will be : 8443 (for jBoss)

10. Try logging.

nickm58494165
Level 2
Level 2

I know this is old, but I have tried all the steps in this thread, plus rebooting my workstation, and I am having the same problem. Has anyone found a solution to this problem?

Thanks

nickm58494165
Level 2
Level 2

In case anyone ever runs into this problem in the future, the solution for me was to delete the jre folder within the workbench folder, and replace it with the latest jre downloaded straight from Oracle. Then I imported the certificate into the cacerts file. Originally I had installed java through the workbench interface, but it seems like it may have been using an old version. Hope this helps someone.

kurtschwanz16
Level 1
Level 1

Sorry to bump this old thread, but I am also  having this issue.   I have:

- followed the steps to import the certificate into the cacerts used by workbench

- ensured i used the FQDN in workbench properties that match certificate

- restarted system

- no luck

- replaced entire jre folder in workbench path as suggested above

- re-imported the certs

-restarted system

- still no luck

Browser access over https works just fine.   I'm stuck here.   Any other ideas from anyone?

TLB33
Level 1
Level 1

Did you obtain a solution to the issue regarding the public key certificate and launching Workbench as https.  I am also getting the same error and have tried all steps on the forum.