Scenario:
We recently installed a new self-signed certificate in our production environment.
The new certificate was installed to %NIKU_HOME%\config\New Certificate, whereas previous certificates were installed to %NIKU_HOME%\config\.
The NSA --> Properties --> Security --> Encryption --> SSL Keystore field was updated to %NIKU_HOME%\config\New Certificate\.keystore, and all services were restarted from command line.
Results:
-
The Clarity UI accepts the new certificate, and is accessible by https.
-
Open Workbench presents an Accept Certificate box each time it is launched, either stand-alone or from the Clarity UI. Regardless of which option is chosen (Yes, No, Save), OWB loads normally:
-
We have a scheduled job which executes a process that XOGs out timesheet information in XML format. When the GEL script points to https://AppServer, the job fails. If I change the script to point to HTTP://AppServer and enable http in the NSA, the job succeeds.
Questions:
-
Is it hard-coded for OWB and BG processes to look at %NIKU_HOME%\config\ for a valid SSL certificate?
-
If not, any ideas why these two elements are balking at the new cert?
Thanks for any help!
_______________________________________________________
Jeff Bland
Architecture and Enterprise Systems Administration
Publix Supermarkets, Inc.