Brian Erle (IBM) 1200008FU8 Visits (6998)
The use of certificates in IBM Mobile Connect (IMC) is prevalent. From securing incoming device requests, to securing connections to databases, authentication servers and application servers certificates are a part of the everyday operation of an IBM Mobile Connect deployment. When everything is working perfectly no one really worries about those certificates securing sessions until they expire and everything comes to a grinding halt. This can happen literally in the blink of an eye. What was a perfectly valid incoming device request a millisecond ago, is now an expired request. In the wg.log from IMC you will see a message which will look like this:
[ERROR] SSLPort: failed to attach secure connection, fd=21: [10.10.10.10:33622] GSK_ERROR_BAD_DATE (rc=401,ec=401)
Using the IBM Key Manager an administrator can examine the certificates used to secure incoming devices. By examining the certificate in the Personal Certificates view and then using the VIEW action you can check for the expiration date for the certificate and then execute on a plan to ensure that a new certificate to replace an expiring one is in place and ready to go prior to the expiration date of the present certificate. The ACTIVE certificate is the one with the asterisk '*' symbol next to it. When it comes time to use the new certificate select the certificate and View it, then choose the option near the bottom of that dialogue which allows you to set it to the Default certificate. In order for IMC to begin using this certificate a Stop and Start of the Connection Manager is required.
324:745822528 (Apr 18 2016
Please Note - the LOG and DEBUG logging levels are required to be active to see these messages. IBM IMC support and development recommend that only ERROR and WARNING log levels are used during normal production operation for optimal performance.
The above message indicates that a secure request was received, and accepted, and there was no error, and the last message will also indicate which HTTP Service (if there are multiple services configured) handled the request.
JeanmarieW 10000045RP Visits (11727)
The certificate that allows for push notifications to those using IBM Connections Mobile on iOS devices expires on January 29, 2016. If the certificate is not updated, users will stop receiving Apple Push Notification Service (APNS) notifications once it expires.
Before that date of January 29th, Connections administrators should download and apply an updated certificate to continue expected functionality for users. This update is available for Connections versions 4.5 CR4 & CR5, 5.0 CR2 & CR3, and 5.5.
For details and a link to download the updated certificate, visit: