Show the old cert after updated new certificate files

billyhuang
Participant I

Still showing the old cert after updated new certificate files in sdk.42-q.com

0 4 232
4 REPLIES 4

billyhuang
Participant I

We have defined the custom domain follow up with https://docs-new.apigee.com/custom-domain but when we open the URL https://sdk.42-q.com & https://apigateway-test.42-q.com still showed the old cert on Chrome.

Would you help to restart Apigee routers for updating certs in sdk.42-q.com and apigateway-test.42-q.com sites ?

FYI,

Showing old certs

keytool -printcert -sslserver sdk.42-q.com:443 | head
Certificate #0
====================================
Owner: CN=*.42-q.com, OU=COMODO SSL Wildcard, OU=Domain Control Validated
Issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
Serial number: 5c497b1805c1b6f3ba641c023a6be630
Valid from: Tue Mar 21 08:00:00 HKT 2017 until: Wed Apr 01 07:59:59 HKT 2020

Showing new certs

keytool -printcert -sslserver apigateway-dev.42-q.com:443 | head
Certificate #0
====================================
Owner: CN=*.42-q.com
Issuer: CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB
Serial number: 6a1ffb920a36edf655df979c8094aad0
Valid from: Mon Mar 16 08:00:00 HKT 2020 until: Sun May 01 07:59:59 HKT 2022

@Billy Huang

It appears that the cert change has not propagated. Please do confirm if the keystore in "portal" environment is reflecting the updated certs. You can then log a support ticket to have the routers restarted.

@Arungopal


Thank your help. The keystore in "portal" environment was reflecting the updated certs but it still shows old certs.

P.S.: I tried with test keystore in apigee with same certs files which it shows two success and two failed as belows in portal site.

FYI,

Truststore name: 42-q-keystore-2020
SSL test type: Two-Way
Client Cert Keystore: 42-q-keystore-2020
Client Cert Alias: 42q
<br>

Success with apigateway-prod.42-q.com & apigateway-dev.42-q.com

Test result
Success!<br>

Failed with sdk.42-q.com / apigateway-dev.42-q.com

<strong>Test result
</strong>Error: Invalid Truststore. Unable to find valid certification path to requested target

billyhuang
Participant I

The cert was updated after restart Apigee routers.