SystemLink

cancel
Showing results for 
Search instead for 
Did you mean: 

Store and forward Systemlink 2021 R1.1

Hi,

 

We updated Systemlink to the 2021 R1.1 in our factory specialy for the more stable store and forward module. The module works well when used from our company network (My computer) but doesn't at all when used on our intern network (in production).

I checked the event viewer and found out this error from the nisystemlinkforwarding.exe that says: ssl error: WINHTTP CALLBACK STATUS FLAG_CERT_REV FAILED

I guess its a problem related to the fact that the https is enabled for our systemlink or maybe a port that is not opened on our intern network.

The port opened in our network are: 80;443;2343;2809,59100-59110;4505-4506;5673 and 15672

Is there an other port that needs to be open

The firewalls are disabled on the production computers.

 

Thanks for the help 

0 Kudos
Message 1 of 3
(98 Views)

Hi sklod, 

 

This errors seems related to your clients ability to reach to CA server to determine if your certificate has been revoked. From Microsoft:

 

WINHTTP_CALLBACK_STATUS_FLAG_CERT_REV_FAILED
Certification revocation checking has been enabled, but the revocation check failed to verify whether a certificate has been revoked. The server used to check for revocation might be unreachable.

 

I have a feeling that your computer at your desk can access the CA server to do this check, but the internal network cannot reach it. Another possibility is your cert is malformed. Did you produced the Certificate Signing Request (CSR) from NI Web Server Configuration? Also, does your cert specify all the hostnames for your SystemLink Server? Is the hostname for the server different depending on which network is accessing it (manufacturing vs company network)?

Mark
NI App Software R&D
0 Kudos
Message 2 of 3
(54 Views)

Hi thanks for the reply.

 

I think the more probable cause is our intern network not accessing the CA server, but still wonder how the test result can be send to systemlink when the store and forward is disabled.

 

The certificate was generated by our IT departement and is using a single hostname as we are using the same server's hostname everywhere

0 Kudos
Message 3 of 3
(10 Views)