06-10-2021 02:43 AM
Hi,
We updated Systemlink to the 2021 R1.1 in our factory specialy for the more stable store and forward module. The module works well when used from our company network (My computer) but doesn't at all when used on our intern network (in production).
I checked the event viewer and found out this error from the nisystemlinkforwarding.exe that says: ssl error: WINHTTP CALLBACK STATUS FLAG_CERT_REV FAILED
I guess its a problem related to the fact that the https is enabled for our systemlink or maybe a port that is not opened on our intern network.
The port opened in our network are: 80;443;2343;2809,59100-59110;4505-4506;5673 and 15672
Is there an other port that needs to be open
The firewalls are disabled on the production computers.
Thanks for the help
06-10-2021 10:03 AM
Hi sklod,
This errors seems related to your clients ability to reach to CA server to determine if your certificate has been revoked. From Microsoft:
|
Certification revocation checking has been enabled, but the revocation check failed to verify whether a certificate has been revoked. The server used to check for revocation might be unreachable. |
I have a feeling that your computer at your desk can access the CA server to do this check, but the internal network cannot reach it. Another possibility is your cert is malformed. Did you produced the Certificate Signing Request (CSR) from NI Web Server Configuration? Also, does your cert specify all the hostnames for your SystemLink Server? Is the hostname for the server different depending on which network is accessing it (manufacturing vs company network)?
06-14-2021 04:15 AM
Hi thanks for the reply.
I think the more probable cause is our intern network not accessing the CA server, but still wonder how the test result can be send to systemlink when the store and forward is disabled.
The certificate was generated by our IT departement and is using a single hostname as we are using the same server's hostname everywhere