Certificate AddTrust External CA Root expired

From OS4X
Jump to navigation Jump to search

Version history

  • 2020-06-15: First writing of this document

This document refers to information received from our customers.

Log message

You will see a message like this in your OS4X's system log: 

Certificate verify error 10: certificate has expired: depth=3, subject: /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root, issuer: /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root

Background

The CA certificate of AddTrust expired at 30th of May 2020. You need to remove the old entries and install a new chain.

Remove old entries

Navigate in OS4Xadmin to "Certificates" -> "Trusted certs." and search for "AddTrust":

Bildschirmfoto 2020-06-15 um 11.33.01.png

When viewing the certificate details, you will see the expiration date in the past:

Bildschirmfoto 2020-06-15 um 11.33.19.png

Remove this certificate. After that, search for a certificate of "COMODO RSA Certification Authority". There may exist more than one entry: one from the Odette TSL, others are manually uploaded in the past. Remove the manually uploaded / non-TSL certificate:

Bildschirmfoto 2020-06-15 um 11.42.18.png

Retrieved from "https://wiki.os4x.com/index.php?title=Certificate_AddTrust_External_CA_Root_expired&oldid=3402"