Invalid credentials log in thru mobile apps

  • 7017025
  • 30-Nov-2015
  • 30-Nov-2015


Novell iPrint Appliance 1.1 Patch 3 (version .418)


When trying to log in thru mobile apps, an "invalid credentials" error is
shown, even if the credentials are correct.

Also when accessing the renderer page on the MC console on the Appliance, there were no renderers listed, even
internal and external (windows) renderer are configured and working.


Customer is using a wildcard VeriSign certificate


Appliance internal name: 1.domain.intern
Appliance external name:
SSL Certificate: * from VeriSign

Solution was:
1. Adjust the /etc/hosts to have domain name for external access first:

<ip>  1.domain.intern

This first entry needs to match the SSL certificate name otherwise the error is present

2. Add public key of Server-Certificate, Intermediate CA and Root CA
from VeriSign as trusted to the Web certificate store.

See additional note to see how to generate the correct pfx/p12 file


If the first entry on the /etc/hosts file does not match the SSL certificate name, connection is rejected as untrusted as the appliance only check first entry on the hosts name to validate the SSL certificate name.
The wrong configuration giving the error was:


<ip> 1.domain.intern

Additional Information

How we created the PFX from a wildcard VeriSign certificate to import it into the appliance:


#openssl pkcs12 -export -out wildcard5.pfx -inkey 4-wildcard-key.pem -in 3-ssl_certificate.crt -certfile 2a-IntermediateCA-RootCA.crt

- 4-wildcard-key.pem = privat Server Key
- 3-ssl_certificate.crt = public Server Certificate
- 2a-IntermediateCA-RootCA.crt = public key of both CAs (first the
intermediate, second the root certificate)