Web Services certificate validation

Hi,

We are trying to connect to a remote service via Web Services in IdentityManager 8.1.1. It works in v6, but we are getting a certificate error in v8. 

"The remote certificate is invalid according to the validation procedure." 

I think this might be because the Subject in the certificate is "CN=domainA.com" and Subject Alternative Name is "DNS Name = domainB.com" (we are connecting to domainA.com). I have had some issues in other applications where the validation fails if the domain you are connecting to isn't contained in Subject Alternative Name. Is this a valid assumption? Is it possible to do something similar to Common->MailNotification->AllowServerNameMismatchInCert for Web services?

The owners of the remote service don't want to change the certificate if it's not strictly necessary, and I can't find the documentation explaining the certification rules in One Identity. Any help would be much appreciated.

- Are

  • The difference between v6 and v8.1.1 is the .NET Framework version used, and therefore the validation check may be different.

    There is no configuration parameter for changing the validation behavior, but you should be able to change the web service script in OneIM to assign your own certificate validation handler. (Standard .NET Framework feature while talking to Web Services).
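
A certificate validation handler of the kind the answer mentions, as an added example (not code from this thread or from One Identity), written in VB.NET because that is the language of OneIM scripts. It tolerates only a name mismatch, only for one host, and only for one pinned certificate; the fingerprint is a placeholder, the module and function names are hypothetical, and where the handler is installed in the web service script is not shown.

```vbnet
Imports System
Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates

Public Module PinnedCertValidation   ' hypothetical name

    ' Host from the question; the fingerprint is a placeholder to fill in.
    Private Const PinnedHost As String = "domainA.com"
    ' SHA-256 over the DER-encoded server certificate, hex, no separators.
    Private Const PinnedSha256 As String = "<SHA256-OF-EXPECTED-CERTIFICATE>"

    ' Returns True if validation was clean, or if the ONLY error is a name
    ' mismatch on the pinned host presented by the pinned certificate.
    Public Function ValidateServerCertificate(sender As Object,
                                              certificate As X509Certificate,
                                              chain As X509Chain,
                                              errors As SslPolicyErrors) As Boolean
        If errors = SslPolicyErrors.None Then Return True

        ' Chain errors (untrusted issuer, expired, revoked) or a missing
        ' certificate are never tolerated, alone or combined with a mismatch.
        If errors <> SslPolicyErrors.RemoteCertificateNameMismatch Then Return False
        If certificate Is Nothing Then Return False

        ' Assumption: for HTTP(S) calls the sender is the HttpWebRequest.
        ' Anything else fails closed. Address is the URI actually contacted.
        Dim request As HttpWebRequest = TryCast(sender, HttpWebRequest)
        If request Is Nothing Then Return False
        If Not String.Equals(request.Address.Host, PinnedHost,
                             StringComparison.OrdinalIgnoreCase) Then Return False

        ' Pin the exact certificate, so a different certificate with the
        ' same wrong name is still rejected.
        Dim actual As String
        Using sha As SHA256 = SHA256.Create()
            actual = BitConverter.ToString(
                sha.ComputeHash(certificate.GetRawCertData())).Replace("-", "")
        End Using
        Return String.Equals(actual, PinnedSha256, StringComparison.OrdinalIgnoreCase)
    End Function

    ' Process-wide setting: it applies to every HttpWebRequest in the
    ' AppDomain, which is why the handler checks the host itself.
    Public Sub Install()
        ServicePointManager.ServerCertificateValidationCallback =
            AddressOf ValidateServerCertificate
    End Sub
End Module
```

The pinned fingerprint has to be updated whenever the remote service renews its certificate; until then the connection fails closed.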