Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Notifications
Login / Register
Community
Community
Notifications
close
  • Forums
  • Knowledge Center
  • Events & Webinars
  • Ideas
  • Blogs
Help
Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Sustainability
Sustainability

Join our "Ask Me About" community webinar on May 20th at 9 AM CET and 5 PM CET to explore cybersecurity and monitoring for Data Center and edge IT. Learn about market trends, cutting-edge technologies, and best practices from industry experts.
Register and secure your Critical IT infrastructure

SSL certifacate request from DCO and upload

EcoStruxure IT forum

Schneider Electric support forum about installation and configuration for DCIM including EcoStruxure IT Expert, IT Advisor, Data Center Expert, and NetBotz

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Schneider Electric Community
  • EcoStruxure IT
  • EcoStruxure IT forum
  • SSL certifacate request from DCO and upload
Options
  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
Top Experts
User Count
Cory_McDonald
Admiral Cory_McDonald Admiral
124
Jef
Admiral Jef Admiral
108
gsterling
Captain gsterling Captain
71
APC_Steve
Captain APC_Steve Captain
62
View All

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite
Solved Go to Solution
Back to EcoStruxure IT forum
Solved
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

0 Likes
12
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

SSL certifacate request from DCO and upload

Hello

In continue to my post regarding to connect from DCO to Active Directory via port 636 (https://community.ecostruxureit.com/questions/143756065/dco-connect-to-active-directory-via-ssl) the answer didn’t work to me .

I have old server (version 8.0.2) where that connection via port 636 to AD is working now .

After compare the configuration I have note that certificate of the DCO WEB in old server signed  via CA of the origination  .

Unfortunately I haven’t find exactly instruction into help tech info :

https://sxwhelpcenter.ecostruxureit.com/display/public/UADCO8x/Working+with+SSL+certificates

https://sxwhelpcenter.ecostruxureit.com/display/public/UADCO8x/Changing+SSL+certificate+on+the+serve...

How I can run certificate request and after it signed upload DCO ?

Is this process will be resolve the my problem ?

(CID:144313811)

Labels
  • Labels:
  • Data Center Operation
Reply

Link copied. Please paste this link to share this article on your social media post.

  • All forum topics
  • Previous Topic
  • Next Topic

Accepted Solutions
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

0 Likes
3
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

Hello

The problem has been solved .

Important point the filed of the host into configuration of the Authentication Server will be same (but exactly ) such like to  certificate .

I suggest add this point to guide  

 

(CID:146278246)

See Answer In Context

Reply

Link copied. Please paste this link to share this article on your social media post.

Replies 12
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

0 Likes
6
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

Hi Boris,

If I understand correctly, you have a DCO 8.2.7 setup integrated with AD server (as authentication server). And the integration works fine using port 389, but if you change it to port 639, then you have issue, right?

If yes, then make sure that the AD server supports encrypted communications (using port 639). 

You might also want to try in web-client, Setup (top right, wheel icon) > Certificates page, delete the certificates (including the possible expired ones) for that specific AD server in DCO, and then try to configure the integration to use port 636 and see if that helps.

By the way/just in case, if your user profile language (web-client, user profile (top right) > Language) is not English, change it to English and then retry the AD configuration editing/changes.

Additional test: if you remove the integrated AD server (from DCO), and then added, would that help?

Note: take a fresh backup before doing any major changes/tests.

 

PS: DCO is shipped with self-signed certificate, this page https://sxwhelpcenter.ecostruxureit.com/display/public/UADCO8x/Changing+SSL+certificate+on+the+serve... you are referring to, contains the instructions if you want to use your own certificates! 

Kind regards

(CID:144313875)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

Hello Jef

The first of all you are right . In additional  this a new server with version 8.2.7 and old server is working properly (8.0.2) with AD via port 636 .

I have run check with command

open-ssl s_client -connect ipADserver:636 -CApath /etc/ssl/certs

I see in old and new server all chunk CA , but in end I got the follow:

Verify return error code : 20(unable to get local issuer certificate) .

Although the error code old server is working.

I have remove all authentications server and created again only one , but receive the same result .

How I can to debug this issue ?

The customer is working in DCE via port 636 properly too .

 

(CID:144313907)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

I have compared openssl s_client command and it’s same .

Is there any configuration into DCO that will be set ?

(CID:144313943)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

Hi Boris,

I don't use the openssl test, so not sure what to expect from it. As you know already, the following instructions:

 https://sxwhelpcenter.ecostruxureit.com/display/UADCO8x/Setup+an+AD+%28Active+Directory%29+Server

is the only way to configure the integration.

I don't think there are configurations that may need to be reset (in DCO). Without detail investigations it is hard to say what might be the issue with your setup.  However, the product security have been improved in later versions (compared to previous releases). I would recommend testing this AD integration on the latest 8.3 release, if you/customer should experience the same issue, then it would be great if I could have the following data:

screen captures illustrating the authentication server settings/configurations in DCO

screen capture of the displayed errors

complete server logs

I will send you an invite to my =S= box shortly, so the data safely can be shared with me (when/if you would), thanks. 

Kind regards

(CID:144867446)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

Many thanks Jef

in next week I attempt to send the relevant logs

(CID:144867522)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

Hello Jef

On Sunday I'll go to customer for this issue .

Can you provide to me what is log file I need to upload exactly ?

 

(CID:144869270)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:49 PM . Last Modified: ‎2024-04-03 02:31 AM

Hi Boris,

Log files (in DCO 8.2.7) can be collected from server webmin interface, StuxureWare DC Operation > Download Log Files > Download log files

please also include the time/date you've tried & seeing the issue (that helps us to search in the logs), thanks.

Kind regards

(CID:145424843)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

0 Likes
3
1464
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

Hello

The problem has been solved .

Important point the filed of the host into configuration of the Authentication Server will be same (but exactly ) such like to  certificate .

I suggest add this point to guide  

 

(CID:146278246)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

Hi Boris,

Can you please clarify this, possibly add some screen captures, thanks.

Kind regards

(CID:146278253)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

(CID:146669723)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

In response to DCIM_Support
0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2024-04-03 02:31 AM

Hi Boris,

Thanks. That's correct, Host filed should contain either the IP address or the qualified host name.

Kind regards 

(CID:146669797)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2023-10-22 03:50 AM

0 Likes
0
1463
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 07:50 PM . Last Modified: ‎2023-10-22 03:50 AM

superhero.png

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.

Reply

Link copied. Please paste this link to share this article on your social media post.

To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2025 Schneider Electric

This is a heading

With achievable small steps, users progress and continually feel satisfaction in task accomplishment.

Usetiful Onboarding Checklist remembers the progress of every user, allowing them to take bite-sized journeys and continue where they left.

of