cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Install a Free SSL Certificate from Let's Encrypt in Thingworx

Do1
Regular Member
(in response to Do1)

Re: Install a Free SSL Certificate from Let's Encrypt in Thingworx

Please note: When renewing your certificate, you need to use the same password used to generate the initial certificate. Check Tomcat server.xml if you can't remember.

Re: Install a Free SSL Certificate from Let's Encrypt in Thingworx

I could install the SSL certificate for Tomcat by following your article. But after that, the remote device can't connect to the server (using C SDK) with error:

TW_VALIDATE_CERT: Certificate rejected.  Code: 20, Reason = unable to get local issuer certificate

twTlsClient_Connect: Error intializing TLS connection.  Invalid certificate

Do you have any clue about this problem ?

Do1
Regular Member
(in response to qngo)

Re: Install a Free SSL Certificate from Let's Encrypt in Thingworx

I have heard of this once before from someone else.  I am sorry, I can't be of more assistance, but I believe you may need to update to the most recent version of the SDK.

Please post back here if you figure it out.

Do1
Regular Member
(in response to qngo)

Re: Install a Free SSL Certificate from Let's Encrypt in Thingworx

Disclaimer:  These are only suggestions to try and my best guesses.  Quite difficult to provide more accurate response with the information provided.

I believe your issue may possibly be caused by the default configuration of the C SKD requires that your SSL certificate is a EV certificate (Extended Validation Certificate). More details on certificates here: https://en.wikipedia.org/wiki/Extended_Validation_Certificate

You can try the following in your C SDK implementation: turn of validation by using: tls->validateCert = FALSE;

Also as previously mentioned, make sure you are using a recent version of the SDK.


Re: Install a Free SSL Certificate from Let's Encrypt in Thingworx

Hello Duan,

Thanks for sharing useful info. I want to ask question before try it. My thingworx works on windows os instance. If I follow below steps, is it ok for my scnerio?;

1. I will generate certificate on Linux VM with your tutorial,

2. I will copy certificate to Thingworx instance which is windows os,

3. Restart Tomcat,

Regards,

Do1
Regular Member
(in response to Do1)

Re: Install a Free SSL Certificate from Let's Encrypt in Thingworx

Hi Burak,

I guess it is likely to work, but it might just be easier doing it in windows.

This might be a good place to start: https://github.com/Lone-Coder/letsencrypt-win-simple/wiki

Please post your experience.