How to declare a certificate for authentication between Syracuse and Application/Runtime server?


In the past you have most likely seen KBs like "How to set up SSL with Sage X3", which explain how to turn on SSL for connecting to X3. You may also have seen the blog entry here on how to secure the connection between Syracuse and MongoDB. But what about communication between Syracuse and the runtime/application server?

Can you create your own certificate and have it used for communication between Syracuse and the application server?

Before we start, please review the section of the online help on certificates, and also the section related to certificate authentication between Syracuse and the runtime.
Essentially, during the install of X3, if you are using simplified certificate generation, a public key file is created and transferred to the runtime\keys directory.

In this blog post, I would like to show how you can change this certificate after the fact.

In this example I already have a system with simplified certificate generation, and I will use the certificate generation tool to generate a new certificate and put it into use.

  1. Browse to syracuse\certs_tools and click on the Certgen tool to create a new ca.cacrt and a new certificate.
  2. After the above step, your output directory contains the newly generated files.



  3. Log in to X3 and open Administration, Certificates, Certificates of certification Authorities.
  4. Click New to add the new ca.cacrt.



  5. Back on the list of certificates of certification authorities, the new entry is now listed.


  6. Open Administration, Certificates, Certificates.
  7. Click New to add a new certificate.

  8. After saving the new certificate, it appears in the certificate list.



  9. Open Administration, Endpoints, X3 solutions.
  10. Edit your X3 solution and select the certificate you created as the one to be used.



  11. Log out of X3 and log back in, and notice the error you get.



  12. To resolve the above error, as mentioned in the online help, you need to add the public key file (.pem) to the keys directory of the runtime folder. Keep in mind that the name I assigned to my certificate in X3 was application, so, based on the error, the system is looking for application.pem. To solve this error, copy the generated .pem file (the file produced during certificate generation), paste it into the runtime\keys directory, and make sure its name matches the name used during certificate creation in X3.
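
Step 12 can be scripted so that the file name is derived from the X3 certificate name instead of being typed by hand. The following is an added example, not part of the original post or of Sage's tooling; the function name `Install-RuntimePublicKey` and every path in it are hypothetical placeholders to replace with your own.

```powershell
# Added example. Function name and all paths are hypothetical placeholders.
function Install-RuntimePublicKey {
    param(
        [Parameter(Mandatory)] [string] $CertificateName,  # name given to the certificate in X3
        [Parameter(Mandatory)] [string] $SourcePem,        # .pem written during certificate generation
        [Parameter(Mandatory)] [string] $KeysDirectory     # the runtime\keys directory
    )

    if (-not (Test-Path -LiteralPath $SourcePem -PathType Leaf)) {
        throw "Source file not found: $SourcePem"
    }
    if (-not (Test-Path -LiteralPath $KeysDirectory -PathType Container)) {
        throw "Keys directory not found: $KeysDirectory"
    }

    # Sanity checks on the source file. The post describes it as the public key
    # file, so a private key block means the wrong file was picked.
    $text = Get-Content -LiteralPath $SourcePem -Raw
    if ($text -notmatch '-----BEGIN [A-Z0-9 ]+-----') {
        throw "$SourcePem does not contain a PEM block"
    }
    if ($text -match '-----BEGIN [A-Z0-9 ]*PRIVATE KEY-----') {
        throw "$SourcePem contains a private key; copy the public key file instead"
    }

    # The runtime looks for <certificate name>.pem, so build the target name
    # from the name used in X3 rather than from the source file name.
    $target   = Join-Path $KeysDirectory "$CertificateName.pem"
    $replaced = Test-Path -LiteralPath $target
    Copy-Item -LiteralPath $SourcePem -Destination $target -Force

    # Confirm the copy is byte-identical to the generated file.
    $src = (Get-FileHash -LiteralPath $SourcePem -Algorithm SHA256).Hash
    $dst = (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
    if ($src -ne $dst) { throw "Copy verification failed for $target" }

    [pscustomobject]@{ Target = $target; ReplacedExisting = $replaced; Sha256 = $dst }
}

# Example call (placeholder paths):
# Install-RuntimePublicKey -CertificateName 'application' `
#     -SourcePem 'C:\certgen\output\application.pem' `
#     -KeysDirectory 'D:\Sage\X3\runtime\keys'
```
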

Conclusion: With the above steps, you can create a certificate and use it for authentication between Syracuse and the application/runtime server.