Skip to main content
Language Selector

  1. Other Languages

    (machine translation)

Planview Customer Success Center

How can I resolve certificate validation errors?

  1. Last updated
  2. Save as PDF

Last Updated:   |  Applicable Hub Versions: Cloud

Answer

To resolve a certificate validation error, we recommend checking the certificate in your browser or connecting to the repository using OpenSSL. See the sections below for more information.

View the certificate in your browser

Note: The instructions below are specific to Google Chrome browsers. If using a different browser, instructions may be slightly different.

  1. Visit the end repository and click the padlock icon in your browser. Then, select the certificate.

    1. 92472286.png

  2. Click the General tab to see who the certificate was issued by. 

    1. 92472285.png

      1. If the certificate is self-signed or issued by an internal corporate CA, Hub Cloud will not trust it. Hub Cloud will only trust certificates signed by a public CA.
      2. If the certificate is signed by a public CA, go to the Certification Path tab and check that the full path to the root certificate is displayed.92472284.png
  3. If the full path to the root certificate is not displayed, you will need to update the repository server to serve the intermediate certificate(s).

Connect to the repository using OpenSSL

A browser usually completes the certification path automatically which is different when connecting from Hub, so you may need to double check with OpenSSL. To connect to the repository using OpenSSL, see the following instructions.

  1. Run the following command (changing the repo.server.name:1234 to the hostname:port of the repository): 

    openssl s_client -showcerts -connect repo.server.name:1234

  2. Check that the output includes Verification: OK and includes one -----BEGIN CERTIFICATE----- section for each node in the Certificate chain.

    1. If the output does not contain the messages above, the intermediate certificate(s) are missing from the path and the repository server will need to be updated to include the missing certificate(s).

    2. If the output does contain the messages above and Hub is still encountering the error, Hub may be receiving a different certificate response due to the network path it uses.

  3. Try to run the OpenSSL command from outside of your corporate network (i.e., turn off VPN if you're running the command from your own computer).