The official build of version 15.2.0 unfortunately contains an error when using an SSL certificate on the Enterprise Server. If you are having trouble connecting to your server using SSL in version 15.2.0, first of all please, make sure to install the latest updates 15.2.1 of the Enterprise Server and 15.2.2 of the Desktop or Corporate Client. You can find the latest builds on our website. Please download and install them accordingly:
Note: Before changing any settings, please make sure to install the latest version 15.2.1 of the Enterprise Server and 15.2.2 of the Desktop or Corporate Client because otherwise changes will not have an impact at all.
Concerning the version 15.2.0 (or higher) and using an SSL certificate on the server, please also take the following into consideration:
1. The new version 15.2.0 (or higher) uses an upgraded transfer protocol with no backward compatibility. This means that all Password Depot clients and Server Managers must also be updated to version 15.2.0 or higher. Please make sure to update all editions to the latest version of version 15.
2. The server now uses OpenSSL 1.1.1.j with TLS1.3. Currently, only server certificates in the PEM format are supported. We have implemented a procedure of automatic conversion of your installed PFX or CRT certificates to the PEM format, which may require an additional restarting of the Password Depot Server after the first run. If the server still cannot load the SSL certificate after restart, please convert your existing certificate into the PEM format manually.
To convert a PFX certificate into PEM, for example, please use this command line:
openssl.exe pkcs12 -in <SOURCE_FILE_PFX> -out <TARGET_FILE_PEM>
and answer the appearing questions about passwords when prompted.
When you try to connect to the server afterwards, you may get a message as follows:
The screenshot in German states that the certificate cannot be verified and that no error was found. Please select "Zertifikat anzeigen" (Show certificate). Afterwards, the following dialog window should be displayed:
Select "Zertifikat installieren" (install certificate) and continue in order to finish the installation process.
Please note that all Windows clients should install the certificate as trusted if the certificate has been converted. However, this is not required in iOS or Android.
Thus, the correct procedure is as follows:
a) Please make sure to use the latest client version 15.2.2.