KB Article #173087

Problem SSL CFT - GW : LOCAL CAID=NULLCERT, CERTID=NULL

Problem

-- SSL transfer problem between Transfer CFT and Gateway

-- The transfer reaches the step where the client (Transfert CFT) checks its PKI database to find the certificate to be transmitted to the server (Gateway)

 

-- The following message appears in SSL trace on CFT side:

 

13/03/11 09:47:08  CFTY02Z >> CTX=200006 Client certificate not found (LOCAL CAID=NULLCERT, CERTID=NULL)

13/03/11 09:47:08  CFTY02Z >> CTX=200006 cftpki() _ PKII PHASE=GETCERT  CR=0 REASON=48

13/03/11 09:47:08  CFTY02Z >> CTX=200006 UNKNOWN CA : DN=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/

13/03/11 09:47:08  CFTY23I CTX=200006 Client certificate ID=NULL ROOTID=NULLCERT

 

Resolution


The solution has to be implemented on Gateway side.

 

In Synchrony Gateway Navigator go to:

Security Management ->

          Transfer Security Manager ->

                       Security Profile -> TLS Profile

 

Right click on the concerned TLS profile ->

                                                 Modify ->

                                                    Accepted authorities (server only) -> Check the box next to the partener's root certificate

 

 

 

 

 

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.