We had 11.6 in Production, and was not able to see the webservice adapter as active, thow it is working. After contacting support, we was told that it had to do With SNI and that this would work if we upgraded to 11.7. So we did, but still we aint able to see the services active. We can't find any error in admserv.lg.
I will reopen the supportcase, but also ask here if anyone have some idea of where to look for error?
we did this test:
sslc s_client -connect ws.bafo.no:443 -servername ws.bafo.no
_____________________
CONNECTED(00000124)
Server did acknowledge servername extension.
---
Certificate chain
0 s:/businessCategory=Private Organization/jurisdictionC=NO/serialNumber=981 967 070/C=NO/L=Oslo/O=Intility AS/CN=www.bafo.no
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHpzCCBo+gAwIBAgIQDieKyzcoiM37C3e48iwJJzANBgkqhkiG9w0BAQsFADB1
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
:
:
iiYYFXp16ukG+5zsiWQv5YoaULE6fPzunov13P0l4KnFoK0S7Xxs0nZhlg==
-----END CERTIFICATE-----
subject=/businessCategory=Private Organization/jurisdictionC=NO/serialNumber=981 967 070/C=NO/L=Oslo/O=Intility AS/CN=www.bafo.no
issuer=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3685 bytes and written 321 bytes
Verification error: unable to get local issuer certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: A6C69E93E2124AA781EE48524F6492B515CAC068DBAE020DFB510458F0418411
Session-ID-ctx:
Master-Key: 6DDD6261657E81053100EAC15DCD83FD847885DEAAAFE4A0DA5DC774A91ABCE4DCABF244B08283E3D3B6FF84BAF12995
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1542614517
Timeout : 7200 (sec)
Verify return code: 20 (unable to get local issuer certificate)
Extended master secret: no
---
