Defining certificate chain Common Names
Certificate validation is ENABLED by default for XSL source that is from a secured
(HTTPS) host. The certificate chain's Common Names (CNs) must be defined inside
$LAWDIR/system/iosconfig.xml
. If not, the web service that
processes the XSL source will not be able to properly validate the certificate of
the source host.
In the procedure below, attribute "host" refers to the hostname (excluding port or protocol) of the XSL source residing on the web server. If your web server is on a separate machine, from your Infor Lawson System Foundation application server, you will need to declare this node. If your web server is on the same machine as your LSF server, you will not need to declare this node or employ this solution.
The attribute "value" refers to the Common Name of the certificate. This correlates to the "Issued to" or "Subject" value of the actual certificate. If there is a certificate chain in play, all CNs must be declared in this file.
Use the steps in this procedure to verify that the Common Names are defined.