You need to sign in to do that
Don't have an account?
karthik karthik
Mutual Authentication Certificate Error
Hi,
I enabled Mutual authentication in salesforce and also i added certificate in salesforce, for testing purpose i tested my certificate from soapui tool while i testing i got the following error. Its urgent please help me......
Error: <html><head><title>Certificate Error</title></head><body bgcolor=#ffffff text=#3198d8><center><img src="http://www.sfdcstatic.com/common/assets/img/logo-company.png"><p><h3>Client certificate error:<i>unable to verify the first certificate</i></h3></center></body></html>
I enabled Mutual authentication in salesforce and also i added certificate in salesforce, for testing purpose i tested my certificate from soapui tool while i testing i got the following error. Its urgent please help me......
Error: <html><head><title>Certificate Error</title></head><body bgcolor=#ffffff text=#3198d8><center><img src="http://www.sfdcstatic.com/common/assets/img/logo-company.png"><p><h3>Client certificate error:<i>unable to verify the first certificate</i></h3></center></body></html>
[1] https://developer.salesforce.com/page/Outbound_Messaging_SSL_CA_Certificates
Thanks for your response. The client certificate is available in the List. You have any idea on that error.
You've probably figured it out by now, but having just gotten it to work myself I thought I'd share...
The certificate signing request must be created outside of Salesforce. Do not use Salesforce's Create CSR link. The reason for this is you need to have both your csr AND your private key.
I created our key and CSR with the commands:
After getting our client's networking group to sign the CSR, we were returned four files: ServerCertificate.crt, Intermediate1.crt, Intermediate2.crt, and Root.crt.
I concatenated ServerCertificate.crt and Intermediate1.crt together into a single certificate.crt, and loaded that into Salesforce as a Mutual Authentication Certificate.
Then I used the curl command below to verify it was working. Note: if you're on a Mac the curl command won't work because Apple hacked it to use its own keychain stuffs. I wasn't able to get those to work so my easiest path was to use the curl that came with git-bash in my Windows-7 Fusion VM:
My sandbox instance was on cs4. Using "test.salesforce.com" times-out. Don't bother.
The SOAP command inside gagne.txt resembles:
If you haven't whitelisted your client's IP address, you will need to append a security token after the password.
In all, the most important things to remember was: