Follow

Password Server v2.5 install fails with no SSL certificate configured

Issue

Password Server v2.5 fails when not using an SSL binding in IIS.

During the installation the Base URL is configured using server-name or localhost.

localhost.png

 

The following error is then displayed.

setuperror.png


Reviewing "AAPSSetupLog.txt" usually located in "C:\Program Files\Scorpion Software\AAPS_Setup_V25\" shows the following error.

 ~ CreateThirdPartySSOCert() Got client cert. 
 ~ CreateThirdPartySSOCert() Service URL set to: https://localhost/AAPS/AAPS.svc
 ~ CreateThirdPartySSOCert() Failed . Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost'.

 

Cause

Installation will fail because there is no SSL certificate configured. As of Password Server v2.5 the use of SSL is now a requirement. You need a valid SSL certificate and HTTPS binding in IIS.

 

Resolution

Check the Base URL entered. if you have an SSL certificate configured in IIS then modify the Base URL to reflect that SSL binding during the installation.

If you do not have an SSL certificate setup you will need to Configure an SSL Certificate in IIS.

We recommend using a trusted public CA – such as Verisign, Inc – to obtain the certificate. This solution is particularly good if you want to enable secure communications for authentication agents over the public Internet, where your AuthAnvil Password Server will be exposed publicly.

To enable SSL for the AuthAnvil Password Server website after you have a certificate installed in IIS, follow these steps:

  1. Launch the IIS Manager, and expand “Sites”.
  2. Click on the website where the AuthAnvil Password Server will be installed and click “Bindings…” under the actions menu.
  3. Click “Add…”
  4. Change the type from “http” to “https”, set your IP address and port, and chose a certificate from the “SSL certificate” dropdown menu.
  5. Click “OK” and then “Close” to apply the binding.
  6. Install the Password server using this new SSL binding.

 

For more information about setting up SSL in IIS see this guide from Microsoft http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis

 

 

Affects

Password Server v2.5 and newer unless otherwise posted.

Questions?

If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.

 

 

 

 

 

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk