Hi
We are using WYSE P20 clients in a View 4.6 environment. We are wanting to upgrade to the latest version of VIEW and as a prerequisite, get root certificates working on the WYSE P20.
We are using VIEW within our internal network space only, so the best option for us is to install on to the P20s the root certificate generated by our MS Windows Domain Controller.
We have exported the certificated as both a DER- and/or Base64-encoded .CER file, renamed that file with a .PEM extention and tried to re-apply the Policy to the P20's, but cannot make this work.
The error message we are seeing is as follows:
02/23/2013, 13:17:18> LVL:1 RC:-501 X509_UTIL validate_pem_cert): Certificate length is not divisible by 4! [len = 1]
02/23/2013, 13:17:18> LVL:1 RC:-501 X509_UTIL tera_x509_util_is_valid): PEM certificate is invalid!
02/23/2013, 13:17:18> LVL:2 RC: 0 GSOAP :SOAP 1.2 fault: SOAP-ENV:Sender [no subcode]
02/23/2013, 13:17:18> LVL:2 RC: 0 GSOAP :"rootCertificate is invalid!" Detail: [no detail]
02/23/2013, 13:17:18> LVL:0 RC: 12 MGMT_CMI :Error serving SOAP request!
Unfortunately this is a *major* issue for us because it is actively preventing us from upgrading VIEW. If we cannot resolve the issue, we will have no choice other than to dump the P20's altogether and find alternative hardware.
Can anyone advise as to whether there is a working solution for getting "self-signed" (i.e. non-Public) Root certificates working on these devices?
I used openssl to convert my certificate. here are some instructions I found when searching
Use the openssl command to convert between formats as follows:
I used openssl to convert my certificate. here are some instructions I found when searching
Use the openssl command to convert between formats as follows:
Thanks for the information.
I should have stated... I have tried conversions through OpenSSL already, as well as simply renaming the exported file from *.cer, to *.pem.
In desperation, I also tried exporting the root certificate with its private key, and converted that from a pfx to a pem with OpenSSL, but that didn't work either.
If anyone has any insight to what the specific error message means, or how I can construct my CA certificate in such a way that it will be accepted by the P20 as valid, that would be brilliant.
thanks