Resolved OpenEdge's built in certificate has expired

[Cecil]

OpenEdge 11.1
OS: Linux CentOS

I have SSL enabled between the WebSpeed Messenger and the WebSpeed Broker/Agents and on Sunday 23rd February 2014 the certificate has expired. How do I get the latest certificate for OpenEdge from Progress Software? Is it part of a Service Pack?

 

[Cecil]

The default root certificate that is shipped with Progress expired on February 22nd, 2014.

 

[TomBascom]

Shipped with what version?

 

[Rob Fitzpatrick]

According to the article it appears to be 10.x and 11.x (prior to 11.3.2).

 

[Cecil]

Shipped with what version?

OE 11.1 was effecting me.

 

[Cecil]

Ok, I'll admit it, it's all my fault. I'm now a little-bit wiser about the default_server Digital Certificate and it's original intended use. I now realise that it was only meant for developers to have a working example of implementing SSL and not to be used in a Production Environment, whoops. I should of RTFM.

So I followed the instructions from the KB and things are about 75% back up and running. Still can get one of the WebSpeed Brokers starred using the new digital self-assigned certs, JAVA errors galore and none of it helpful.

 

[Rob Fitzpatrick]

Ok, I'll admit it, it's all my fault.

I dare say you weren't the only one Cecil. Decent of you to admit it though.

 

[RealHeavyDude]

Yesterday I was called to have a look at a server from a foreign Progress solution on which the AppServers couldn't start and the database couldn't fork any remote servers. The system was 10.1c. They did use the "default server" certificate that was shipped with that version and which expired over the last weekend. Whether it was accidentally or on purposed - I don't know.

In our production environement the SSL server certificates always expire after one year. Therefore we are used to change them a lot ...

Heavy Regards, RealHeavyDude.