KB Articles

KB ID: KB0009078

Applies to:  All Ephesoft Versions

Topic/Category: Incorrect SSL certificate break Email Import

Issue: Ephesoft Email Import fails to work and the logs suggest an issue with the SSL certificate

Root Cause: The problem being faced by the customer was due to mismatch in certificates installed on Email server and Ephesoft server.

Solution:

  1. Unzip the downloaded file “portecle-1.7.zip” to a folder. File can be downloaded here.
  2. Make sure you have Java SE 6 or later installed on your computer.
  3. Start a command line window and run the following command to start Portecle 1.7:
    java -jar \local\portecle-1.7\portecle.jar 

    Please refer following snapshot :
    image006
    Figure: Opening Portecle utility.
  4. Executing the command will open a UI application for you, where user can Open CA certs keystroke file :
    image007
    Figure: Opening keystore file
  5. User will be prompted for password, default password for cacerts (default Java keystore) is changeit
  6. It will display all the CA certs keystore’s alias name with last modified time. Clicking alias will display the details of the certificate :
    image008
    Figure: Certificate alias details
  7. User can also install a certificate using this simple utility. But user will have to open the keystore file in which certificate is to be installed. In this case user can add certificate to JAVA SDK’s and JAVA JRE’s default keystore. Default JAVA SDK’s and JAVA JRE’s keystore is a file named cacerts located inside %JAVA_HOME%/jre/lib/security.
  8. User should open the keystore file as explained above.
  9. To install the certificate user must navigate to Tools->Import Trusted Certificate as shown in figure:
    image009
    image010
    Figure: Importing the certificate into keystore.
    Navigate to the path were certificate to be installed is present and import the certificate.
  10. Similarly if user wants to check certificate installed on the web site or email server, it can easily be done with this tool. User can navigate to Examine->Examine SSL/TLS connection.
    image011
    Figure: Examining certificate of SSL/TLS connection
  11. User can enter the URL and port of server whose certificate is to be examined. e.g.
    image012
    Figure: Examining certificate of SSL/TLS connection
    image013
    Figure: Certificate for google.comBy comparing the certificate installed in cacerts keystore and certificate installed on Email Server (using above explained method) we were able to figure out that wrong certificate was installed inside cacerts keystore of Java being used by Ephesoft.

 

 

< Back|KB Main Page

Was this article helpful to you?

J.D. Abbey