05-14-2018 11:09 PM
We are running SAS 9.4 M3 on Linux OS with clustered environment.
We have recently renewed ssl certificate for SAS Web Servers using the below procedure.
1. Placed csr, crt, key files in SASCofig/Web/WebServer/ssl/ path.
2. Edited the file SASConfig/Web/WebServer/conf/extra/httpd-ssl.conf as per the names of the key and certificate.
3. Using the deployment manager from middle tier we have updated CA bundle with root,intermediate certificates.
All the web applications are working fine and there is no error in InstallLogs and Web logs but the certificate is not validated with the new certificate provided as we checked in Web browser.
We are using Webservers with HA Proxy Load Balancer.
05-15-2018 03:57 AM
1.) What internet browser are you using ? If Chrome, then you must ensure the CN of the server certificate also appears in the list of SANs for the server certificate
2.) Also, make sure the full CA chain is imported into your Windows certificate store.
3.) Open up each certificate in your CA chain from the Windows certificate store and ensure that every certificate is ok. Maybe the new certificate was signed with a chain of CAs and one of the CA (s) is missing from the certificate store.
4.) You can even import the new server certificate into the Windows certificate store and check that it validates ok
05-15-2018 11:35 PM
Thanks for your response.
We have checked in Chrome browser, the server certificate appears in the list of SANs for the server certificate. The new certificate is not updated for Web server and it is using the old certificated as checked in the browser.
We are using SAS in Linux environment and it is multi user environment.
Thanks & Regards,
05-16-2018 04:38 AM
I'm not quite following the problem....
If you try and access the URL using Chrome, what error do you get ? Have you tried with IE or Firefox perhaps ?