| Applies To | |||
| Product(s): | SELECTserver | ||
| Version(s): | N/A | ||
| Environment: | N/A | ||
| Area: | N/A | ||
| Subarea: | N/A | ||
| Original Author: | John Lee, Bentley Technical Support Group | ||
Overview:
In the use case, the deployed SELECTserver running transmitting log encounters the following message.
Data Update Service - WARNING with status code 2 - service start time: - An error occurred retrieving the license
from Bentley.com: - A server certificate could not be validated.
Problem Description
"A server certificate could not be validated" error for Data Update Service and Request/Update License
The same issue may affect SELECTserver (SS) Gateway only against hosted, in this case in SS GW log:
Error checking SELECTserver (SS) version: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
This happens only if SS or SS GW is configured to talk with bentley.com in HTTPS.
Solution
This may happen when user's system does not trust the Certification Authority that issued the certificate. The Certification Authority information is kept in the registry. The list of Certification Authorities is kept up-to-date by Windows Update utility.
To resolve this issue run the installcert.bat file (provided in the SSCertinstall.zip package).
Once the files have been extracted from the zip run the installcert.bat file. When using the Windows 7 or Server 2008 operating system because of the User Access Control (UAC) you must RIGHT-CLICK on the file and choose the "Run “As Administrator” option to properly execute the bat file.
The SSCertinstall.zip file can be found at:
https://communities.bentley.com/products/licensing/m/licensing_gallery/270340
Note: The SSCertinstall.zip package contains the following files: CertMgr.exe, digicert.cer, digicert_int_ca.cer and the installcert.bat files