Known Issue ID | FMESERVER-17624 |
---|---|
Discovered | All Versions |
Affects | All Versions |
Resolved | N/A |
Symptom
After configuring FME Server for HTTPS the Web UI is not responsive and you see the following error in the Catalina log.
data isn't an object ID (tag = 48)
Or errors indicating algorithms are not available, for example:
java.security.NoSuchAlgorithmException: Algorithm HmacPBESHA256 not available
Cause
AES Algorithms are not supported by FME, which uses Java Runtime Environment 8.
Resolution
The current solution is to make sure the AES algorithm is not used in the certificate. RSA algorithms are a good option. Follow the steps below to convert your certificate to use a different algorithm.
1. Double-click the certificate(s) to open the Import Wizard and import the certificates into the Windows Certificate Manager. Mark the key as exportable.
2. Since this is temporary, you can import them wherever is convenient. The Personal store is ok.
3. Once the certificates are imported, Open the Certificate Manager and export them. Make sure to select the server certificate as well as the intermediary and root certificated if they are present.
5. In the Export Wizard, choose “Yes, export the private key”.
6. Select the .PFX format
7. Enter the password and choose Encryption as TripleDES-SHA1. In some cases, the encryption may not be an option. Please proceed anyway as the default is usually TripleDES-SHA1.
8. Specify a new name and finish exporting the certificate. Use the new .pfx certificate in FME Server. See Configuring FME Server for HTTPS: Using a PFX or P12 Certificate
Comments
0 comments
Please sign in to leave a comment.