SSL import issue with 7.1.4

Submitted by GoBoSox on Sat, 06/02/2012 - 12:32pm

Forums:

Hi All,

we attempted to import a new key & cert - generated key via openssl (win32), Powerschool Installer page for SSL import does not recognize the key as valid ... the issue was escalated to tier 2, t2 verified that the openssl server key & cert do match so it has now been further escalated to tier 3 support.

I'm no expert on SSL but apparently openssl output is not in a format that is "liked" and am not sure if its PS encryption library issue (missing or corrupted file) ...

Has anyone else had similiar import issues with SSL?

Thanks for looking!

GBS

brian_andle

Sun, 06/03/2012 - 6:57pm

Using OpenSSL to generate a SSL cert is really intended for internal test/use, not saying it shouldn't work. Because OpenSSL generated certs are not truly authenticated, users will need to accept a untrusted cert. While this isn't that much of a issue when used internally it will be a issue when you try to explain to Parents and Students that it's safe to accept a untrusted cert when it is not. You'll want to use trusted SSL vendor like Network Solutions, Go Daddy, Thawte or VeriSign to name a few to create a SSL cert for your production server..

GoBoSox

Mon, 06/04/2012 - 1:48pm

Hi Brian,

this is not a self-signed cert (the csr file was sent to thawte & we received our cert from them) - I initially wanted to just use the renewal feature form but the other problem with powerschool is that the renewal form does not include an email address field (for renewal, don't know if this was addressed in PS 7.2) - so we needed to generate the cer & key files via openssl (or similar) - the ps document 63525 & 63961 does cover some of it (look at my other post 3201 on powersource feature request about that) but unfortunately importing the key fails... so we are now waiting on PS Tier 3 to look at the issue

Subscribe to Comments for "SSL import issue with 7.1.4"