Certificate AddTrust External CA Root expired

From OS4X
Revision as of 09:43, 15 June 2020 by Admin (talk | contribs) (Created page with "= Version history = *2020-06-15: First writing of this document This document refers to information received from our customers. = Log message = You will see a message like t...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Version history

  • 2020-06-15: First writing of this document

This document refers to information received from our customers.

Log message

You will see a message like this in your OS4X's system log:

Certificate verify error 10: certificate has expired: depth=3, subject: /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root, issuer: /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root

Background

The CA certificate of AddTrust expired at 30th of May 2020. You need to remove the old entries and install a new chain.

Remove old entries

Navigate in OS4Xadmin to "Certificates" -> "Trusted certs." and search for "AddTrust":

Bildschirmfoto 2020-06-15 um 11.33.01.png

When viewing the certificate details, you will see the expiration date in the past:

Bildschirmfoto 2020-06-15 um 11.33.19.png

Remove this certificate. After that, search for a certificate of "COMODO RSA Certification Authority". There may exist more than one entry: one from the Odette TSL, others are manually uploaded in the past. Remove the manually uploaded / non-TSL certificate:

Bildschirmfoto 2020-06-15 um 11.42.18.png