Hyland

Update the NolijWeb licensing certificate

The current certificate being utilized by the License Server will be expiring December 31, 2020. The targeted Certificate cutover is December 11 at 6:00 PM CST. In an effort to maintain up-time, please follow the provided steps in the resolution section of this article.

Note: Hyland Software provides an annually expiring certificate for the NolijWeb licensing server. Each year, the current certificate will expire on December 31 of that year, and will require the installation of a new certificate at that time.

IMPACTED VERSIONS

Customers using any version of Noli.

POTENTIAL DISRUPTION

Impacted users may experience the following errors:
 

• • IOException during checkServers: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

If the above error is encountered, refer to the Action Required section below. 

• • No valid license. Login and job services disabled. Please contact Hyland Support to obtain a license.
  • Unable to validate license status: No configured Perceptive Licensing Server. 
  • Unable to set active Perceptive licensing server.

If any of the above three errors are encountered, contact Hyland Technical Support.

ACTION REQUIRED

To resolve this issue, system administrators at customer organizations should perform the following actions below.
 

Download and install the new certificate

• • Download the lic1.perceptivecloud2020.pem certificate here.
  • Stop the Apache Tomcat service.
  • Copy or transfer the downloaded certificate to the server hosting Apache Tomcat.
  • Install the certificate using the commands in the below sections for either Windows or Linux environments.
  • Review the generated myoutput.txt file for the certificate entry. 
  • Start the Apache Tomcat service.
     

Windows commands

Run the following commands to install the certificate in a Windows environment:
 

• • cd %JAVA_HOME%\bin

          Note: The JAVA_HOME variable may not be configured. This is the equivalence of "rive]:\Program Files\Java\<jdkversion>\jre".
 
          Keytool resides within the bin directory of the jre used by the application.
 

• • keytool -import -trustcacerts -alias lic1cer2020 -file "<LocationOfNewCertificate>\lic1perceptivecloud2020.pem" -keystore "%JAVA_HOME%\lib\security\cacerts" -storepass changeit -noprompt

• • keytool -list -alias lic1cer2020 -keystore "%JAVA_HOME%\lib\security\cacerts" -storepass changeit > "rive]:\Users\%username%\desktop\myoutput.txt"

Linux commands

Run the following commands to install the server in a Linux environment:
 

• • cd $JAVA_HOME/bin
    
    Note: This should be defined within the environment, and it could be defined anywhere. The administrator of the Linux machine should have this on record.
     
    The command printenv | grep JAVA can provide insight if it is configured. Otherwise, this may be set within a shell script elsewhere on the machine.
     
  • keytool -import -trustcacerts -alias lic1cer2020 -file /<folders>/lic1perceptivecloud2020.pem -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt
  • keytool -list -alias lic1cer2020 -keystore $JAVA_HOME/lib/security/cacerts -storepass imagenow > /<desiredDirectory>/myoutput.txt

RESOURCES

The Hyland Technical Support team is here to assist impacted customers. For questions or assistance, customers may submit a support issue through Hyland Community.