Skip to main content
Support

KB Article #178099

Tomcat certificate expiration (2nd of September)

Context:

Tomcat sample certificate provided by Axway will expire on the 2nd of September.

Goal:

Provide updated certificates for customers who are still using Axway sample certificates, to avoid issues on production.

Customers impacted:

Customer using Sentinel, AISuite (Interplay, Datastore and Rule Engine Server), Composer in production with the default Axway sample certificates and SSL/TLS protocols.

Axway products impacted:

Sentinel (4.2.0, 4.1.0, 4.0.1), AISuite (2.2.1, 2.1.0) (Interplay, Datastore and Rule Engine Server)

Impacts:

  • Connection to UI in HTTPS
  • Deployment issue (AISuite)
  • Self-registration with PassPort

Steps:

  1. Check that you are using Axway certificates and the expiration date

You can use the keytool.exe provided in our embedded java.

keytool.exe -v -list -keystore keystore.jks

No password is required

Alias name: tomcat
Creation date: 2 sept. 2014
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:
Owner: CN=Tomcat, O=Axway, C=FR
Issuer: CN=PassPort SSO CA, O=Axway, C=FR
Serial number: 16
Valid from: Tue Sep 02 15:43:00 CEST 2014 until: Fri Sep 02 15:43:00 CEST 2016
Certificate fingerprints:
MD5:CF:70:6E:E0:20:E9:AB:47:EC:97:E2:7D:9E:D4:A3:6B
SHA1: 03:4D:77:15:E5:21:57:59:34:BA:F2:BE:21:94:77:78:D7:69:C3:EB
SHA256: 24:99:69:AF:F8:6D:B1:CD:13:1E:66:9A:D9:6C:A2:95:22:20:C6:9F:F1:
DC:9C:60:5E:B7:D9:09:2E:81:86:B1
Signature algorithm name: SHA1withRSA
Version: 3

After the change, you should have this:

Alias name: tomcat
Creation date: 31 mai 2016
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:
Owner: CN=Tomcat, O=Axway, C=FR
Issuer: CN=PassPort SSO CA, O=Axway, C=FR
Serial number: 1d
Valid from: Tue May 31 11:44:00 CEST 2016 until: Thu May 31 11:44:00 CEST 2018
Certificate fingerprints:
MD5:5D:89:06:85:A0:24:1B:6E:49:3B:81:38:F3:C7:90:1C
SHA1: B4:F3:D8:09:48:33:4F:C0:96:BC:34:30:3B:1B:D5:85:5F:6E:F8:7E
SHA256: 81:2B:39:95:B0:2A:0F:02:19:F6:AC:0B:D8:D4:2B:32:F6:4E:09:E2:15:
67:D5:19:34:04:B5:E9:A9:AD:D2:20
Signature algorithm name: SHA256withRSA
Version: 3

  1. Update the certificates

Update certificates provided in ServicePack.

For Sentinel, the updated certificates are included in:

  • Sentinel 4.0.1 SP9 (ETA 31/08/2016)
  • Sentinel 4.1.0 SP6 (ETA 31/08/2016)
  • Sentinel 4.2.0 SP4 (ETA 29/07/2016)

No updated version of the certificates will be included in AISuite ServicePack