Error when trying to set up an SSL/TLS configuration

Question

Question

David Greer · Apr 30, 2024

#SSL #Health Connect #InterSystems IRIS #InterSystems IRIS for Health

I'm trying to configure an SSL/TSL configuration in our test environment so we can send ADT messages to an external server. I've verified connectivity/firewall to the external server.

type is set to Client, Server certificate verification is set to Require.

I have received a certificate from the external supplier and linked that in the "File containing trusted Certificate Authjority certificate" field. (I've also imported it into the cert store and tried using %OSCertificateStore).

My client certificate is in PEM format, the decrypted key was extracted using SSLOpen. Protocol enabled is TLSv1.2 (I've tried with the others as well.)

When running a test I get this error:- ERROR #988: SSL connection failed. SSL/TLS error in SSL_connect(), SSL_ERROR_SSL: protocol error, error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown

Is anyone able to assist in deciphering this error, or helping me sort the configuration out?

Many thanks

Product version: IRIS 2021.1

Discussion (2)1

Log in or sign up to continue

score 0 · Answer 1 · 2024-04-30T15:34:38-04:00

Do you have CA cert for the CA used to sign external server's cert?

You need that and not external server's cert itself.

score 0 · Answer 2 · 2024-05-01T08:49:55-04:00

Eduard

Thanks for the advice, I will check that. I think I have the certificate itself, but I'll check I have the chain through to the root certificate - I'm assuming that's what you mean?

Kind regards