Troubleshooting HTTPS - j5 - 30 - Installation & Upgrade - Hexagon

j5 Installation and Upgrade

Language
English
Product
j5
Search by Category
Installation & Upgrade
j5 Version
30

The Chrome Developer Tools can be used to identify problems with the HTTPS setup when you're getting connectivity errors. This helps diagnose problems that occur when connecting to j5 using Chrome or the j5 IndustraForm Designer (the Designer uses an internal Chrome framework). Other browsers may implement slightly different rules.

HTTPS certificates need to conform to a changing list of rules. If your browsers or mobile devices don't accept your certificate, here are the most common issues with certificates:

  • The certificate file installed on the j5 server must include all of your intermediate and root certificates. It won't work if you only provide your server certificate.

  • If the certificate is signed internally by a corporate Certificate Authority and not by a public one, the root Certificate Authority certificate must be installed on the client machine.

  • The name on the server certificate must match the server name.

  • The key size must be at least 2048 bits.

  • The certificate can only be valid for up to 397 days.

  • The certificate must use SHA256 or higher and not SHA1, which is deprecated.

  • The certificate must use the Subject Alternative Name and not the Common Name, which is deprecated.

  • The j5-prod.key, j5-prod.csr, and openssl.cnf files must either be in the same folder, which is recommended, or the full path must be specified to all of these files.

  • Connectivity problems are frequently caused by firewall rules.

  • It may be necessary to reissue the server certificate after resolving the problems.