Gateway problem CertificateUnknown

Resolved


Hello,

We have a little problem with a new Devolutions Server / Gateway installation. This is our first contact with the Devolutions software.

We want to use the GW to connect to several systems with RDP over "open in browser". The GW log shows the following error:

devolutions_gateway::listener: handle_https_peer failed error="TLS handshake failed: received fatal alert: CertificateUnknown"

This is strange: the Devolutions Gateway Diagnose is OK and the certificate on the GW server with https://GWname:7171 is also working.

The RDP target server message is:

Failed to connect to wss://GWname:7171/jet/rdp (WebSocket is `Closed`)

Our Devolutions GW version is 2025.2.2.

Regards

Juergen

All Comments (5)


Hi Juergen

I'm sorry about the issue you are experiencing. Broadly, this looks like a certificate trust issue (this can happen if the client doesn't trust the certificate and aborts the TLS handshake). Certificate configuration can be tricky to get right here, because a misconfigured server will "appear" to work in some cases, but break in other cases.

However, I'm confident this will be easy to fix.

We can start with the browser certificate diagnostics since you're wanting to use the web client: if you open the health route at https://{gatewayserver}:{port}/jet/health (e.g. https://mygateway.mydomain.io:7171/jet/health) in your browser, do you get a TLS error?

Please let me know if something isn't clear

Thanks and kind regards,

Richard Markievicz


Hi,

There is a TLS error. The certificate is not guilty.

Thanks

Jürgen


Hi,

Thanks for reaching out. It would be much easier to help if you could share a screenshot of the error you're seeing.
Based on what you’ve described, the issue is almost certainly related to trust, not the validity of the certificate itself.
The browser isn’t trusting it because it’s either:

  1. A self-signed certificate, or
  2. Signed by a CA that isn’t recognized on your client system.

To resolve this, you’ll need to add and trust the certificate (or its issuing CA) on your local machine.

Here’s how to do it depending on your OS:

Windows (10/11):

  1. Double-click the .cer or .crt file.
  2. Click Install Certificate, select Local Machine, and click Next.
  3. Choose Place all certificates in the following store, then select Trusted Root Certification Authorities.
  4. Click Finish and confirm any prompts.
  5. Restart your browser.


Note that it’s best to use Group Policies to sync the certificate across all your machines if you can.

Linux:
Debian/Ubuntu:

sudo cp mycert.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates


Fedora/CentOS:

sudo trust anchor --store mycert.crt
sudo update-ca-trust


Note that if you are using Firefox, you may need to import the certificate in the browser’s store too, if you are still experiencing trusting issues:

  • Go to Settings → Privacy & Security → Certificates → View Certificates → Authorities.
  • Click Import…, select the certificate, and check Trust this CA to identify websites.


macOS:

  1. Open Keychain Access (Applications → Utilities).
  2. Import your certificate into the System keychain via File → Import Items.
  3. In the Certificates category, find your cert, double-click it, expand Trust, and set "When using this certificate" → Always Trust.
  4. Close and authenticate with your admin password.


Browser Exception:

  1. Open a page on the target server (e.g., /jet/health, as mentioned by my colleague).
  2. Chrome: click Advanced → Proceed to [hostname] (unsafe).
  3. Firefox: click Advanced → Accept the Risk and Continue.


Let us know how it goes. If the issue persists, please share:

  • The certificate file so we can inspect it
  • The exact TLS/browser error message
  • An export of the results from RDM’s TLS Diagnostics Tool (accessible via the Tools ribbon)


Best regards,

Benoit Cortier


Hi,

It's working now. Our internal firewall blocked the contact to our CA. We put the certificate in the Windows local cert store.

Thanks.

regards
Jürgen
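
One way to check, from the affected Windows client, both causes raised in this thread (an issuing CA the client does not trust, and a CA the client cannot reach), as an added example that is not part of the original posts or of Devolutions' own tooling. The host name is a placeholder, and the script assumes Windows PowerShell 5.1 or later and uses only standard .NET classes.

```powershell
# Added example: the host name is a placeholder, not a value from the thread.
param(
    [string]$GatewayHost = 'gateway.example.internal',  # placeholder host name
    [int]$Port = 7171                                   # Gateway port used in the thread
)

# 1. Fetch the certificate the Gateway presents. The callback accepts any
#    certificate ONLY so that it can be inspected; no application data is sent.
$tcp = [System.Net.Sockets.TcpClient]::new($GatewayHost, $Port)
try {
    $acceptForInspection = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
    $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $acceptForInspection)
    $ssl.AuthenticateAsClient($GatewayHost)
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
}
finally {
    if ($ssl) { $ssl.Dispose() }
    $tcp.Dispose()
}

# 2. Build the chain the way a strict client would: against this machine's
#    trust stores, with online revocation checking for the whole chain.
$chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
$chain.ChainPolicy.RevocationMode      = 'Online'
$chain.ChainPolicy.RevocationFlag      = 'EntireChain'
$chain.ChainPolicy.UrlRetrievalTimeout = [TimeSpan]::FromSeconds(10)
$trusted = $chain.Build($cert)

# 3. Report the chain and every problem found.
"Subject : $($cert.Subject)"
"Issuer  : $($cert.Issuer)"
"Expires : $($cert.NotAfter)"
"Trusted by this machine: $trusted"
"Chain elements:"
$chain.ChainElements | ForEach-Object { "  $($_.Certificate.Subject)" }

foreach ($status in $chain.ChainStatus) {
    "Problem: {0} - {1}" -f $status.Status, $status.StatusInformation.Trim()
}

# Reading the flags:
#   UntrustedRoot / PartialChain
#       -> the issuing CA (or an intermediate) is missing from the client's
#          certificate stores; import it as described above.
#   RevocationStatusUnknown / OfflineRevocation
#       -> the client could not reach the CA's CRL or OCSP endpoint, for
#          example because a firewall blocks that connection.
```

Run it on the client that fails to connect, not on the Gateway server, because trust stores and firewall paths differ per machine.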


Hello

Glad to hear you resolved the configuration problem. Please, don't hesitate with further questions or comments.

Kind regards,

Richard Markievicz