Menu
▾
▴
Re: [SignServer-develop] Trying change Common Name (CN, l, C . . . ) in certificate PDFSigner
|
From: Markus K. <mar...@pr...> - 2017-09-07 11:29:52
|
On 08/23/2017 10:37 PM, iva...@ip... wrote: > Hello. > > I'm trying to change Common Name (CN, l, C . . . ) in certificate > PDFSigner on my PDFSigner worker. > > When I create a certificate, I specify my own fields (CN, l, C . . . ) . > > But then, when I restart the worker, I get the next error: > > Status of CryptoWorker with id 1 (CryptoTokenP12) is: > Worker status : Active > Token status : Active > > Status of Signer with id 2 (PDFSigner) is: > Worker status : Offline > Token status : Active > Signings : 0 > > Errors: > - Certificate does not match key > > > I use my own keystore.p12. > > Who has any ideas on how to do this? Maybe I'm doing something > wrong? And is it possible at all? > > Sorry for my English. > > Thank you in advance, > Ivan Pashchuk > Hi Ivan, The error means that the certificate configured in the PDFSigner are not for the private key in the keystore. If you have made changes in the keystore outside of SignServer or changed something in CryptoTokenP12 you might have to reload the workers: bin/signserver reload 1 bin/signserver reload 2 Also check that you have the right certificate configured in the PDF Signer. If you replaced the keystore or created a new key the certificate you have in the PDF signer will not match that. In that case you can remove the certificate and certificate chain properties. If you key store already has the right certificates you are done then otherwise you will have to also install the new certificate that matches the key. It could also be that you used a CSR that was not for that key when requesting the new certificates. Cheers, Markus PrimeKey Solutions Save time and money with an Enterprise support subscription. Please see www.primekey.com for more information. https://www.primekey.com/products/software/ |
