This article applies to:
OS: Windows
Product edition: inSync On-Premise 5.8.4
Problem description
After upgrading inSync On-Premise server to 5.8.4, attempts to activate new clients and log in fail with an error message:
Traceback
[2017-08-30 14:29:08,321] [WARNING] Active Directory User:john@bronto.localis not allowed to login. inSync Server must have Signed SSL Certificate.
[2017-08-30 14:29:08,321] [ERROR] User: Unknown encountered error. Error: Server security certificate is not trusted by OS. Please contact your IT Administrator. (#10000006e)
[2017-08-30 14:29:08,321] [ERROR] Error <class 'inSyncLib.inSyncError.SyncError'>:Server security certificate is not trusted by OS. Please contact your IT Administrator. (#10000006e). Traceback -Traceback (most recent call last):
..
..
SyncError: Server security certificate is not trusted by OS. Please contact your IT Administrator. (#10000006e)-==
Cause
This error occurs when inSync detects a self-signed certificate during the AD/SSO authentication. inSync mechanism is configured to use AD or Single Sign-On. Self-signed certificates will no longer work.
π Note
βThis error does not impact users whose login mechanism is set to "inSync password" at the Profile level.
Resolution
Starting with version 5.8.4, inSync will need a signed SSL certificate for the AD/SSO client authentication to work.
You must also make sure that the SSL key follows the guidelines listed in our documentation.
π Note
βIf any certificate (root, intermediate or domain) is missing from the SSL certificate, it will result in the error described above.
See also
For more information, see How to Install SSL Certificate from a Trusted CA?