btrabue
Enthusiast
Enthusiast

What? Entrust no longer provides full chain certificates for? How do we get AWCM to work?

We are currently migrating from server 2012 to server 2016 in our test environment.  We have all of our certs in place and applied the SSL cert when asked for it while installing AWCM.  Now when we test the AWCM connection it will fail.  We noticed  that the certificate did not include all the chains so we asked our cert team to renew the certificate so that it has the full chain.  They tried a couple of times and ended up getting Entrust on a call.  Entrust told them that they no longer provide full chain certificates.  Seriously?  We got into the Java keystore and imported the two intermediate certificates thinking that it would take care of the issue, but it did not.  Below is one of the errors that we are seeing in the AWCM logs.  Anyone have any ideas what we are missing or is Entrust possibly incorrect when they tell us that they no longer create full chain certificates.  Thank you!!

2018-10-30 00:27:50,361 ERROR (nioEventLoopGroup-3-4) [com.airwatch.awcm.event.AWCMChannelConnectedEventHandler] - javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
java.util.concurrent.ExecutionException: javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
Labels (1)
0 Kudos
4 Replies
jahuu
Contributor
Contributor

Hej Bryan!
Did you solve the problem? We have exact the same error - don´t know why and how we solve this..
We use a certificate from GlobalSign.
Regards
Olaf
0 Kudos
jahuu
Contributor
Contributor

..anyone found a solution??
0 Kudos
SeanMuldowney
Contributor
Contributor

Hi Jahuu,

Did you ever find the answer to this? We are seeing the same thing right now.

0 Kudos
JoelMcGee
Contributor
Contributor

We are seeing the problem on all our AWCM servers.

Tags (1)
0 Kudos