Date Posted:
Product: TIBCO Spotfire®
Product: TIBCO Spotfire®
Problem:
TIBCO Spotfire Automation Services job fails with SSL certificate error while executing the job on the server.
Solution:
When executing automation job via TIBCO Spotfire Automation ClientJobSender or via TIBCO Spotfire Analyst when executing on server, it may fail with the following SSL certificate error:
Info;19-09-19 09:41:13.789;4356;Console;Connecting to server https://spotfire.com. Error;19-09-19 09:41:14.039;4356;Console;SSL certificate error: 'RemoteCertificateChainErrors', the allowed errors are 'RemoteCertificateNameMismatch' on certificate with subject 'CN=spotfire..com, OU="America, Inc", O=IT, L=Schaumburg, S=IL, C=US' and serial number '6FE95FC5'. Error;19-09-19 09:41:14.039;4356;ServiceApiConnectionManager;Could not make request {0}' System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetResponse() at Spotfire.Dxp.Automation.ClientJobSender.ServerConnectionManager.ReadManifestInformation() at Spotfire.Dxp.Automation.ClientJobSender.ServerConnectionManager.Connect(Uri serverUri, Int32 webServiceRequestTimoutSeconds) Error;19-09-19 09:41:14.039;4356;Console;Error executing job:This may be seen when the TIBCO Spotfire Server is configured to use HTTPS.
The root cause here is a problem with the certificate validation. Multiple solutions might apply here (some are outlined below):
- The error indicates that the certificate the server is using is invalid, mainly because it is using a certificate that has a different name(hostname) on it. Therefore, ensure that the SSL certificate used does not have any naming mismatch issues.
- Make sure that the root/ intermediate certificates are added to the "Trusted Root store" on the machine running the TIBCO Spotfire Automation ClientJobSender.
- Make sure that SSL certificate is not revoked.
Comments
0 comments
Article is closed for comments.