The “Certificate Store Location” and “Certificate Store Name” settings for the REST and OData SmartObject Service type instances allowed the certificate store security model to be bypassed. Due to this a change in behavior is now introduced to no longer have these settings available.
The fix is available in the following K2 versions:
|K2 4.7 March 2018 Cumulative Update
||K2 Five (5.0) September 2018 Cumulative Update
||K2 Five (5.1) November 2018 Cumulative Update
||K2 Five (5.2) May 2019 Cumulative Update
||K2 Five (5.3)
||Fix Pack 23
- Ensure you have the correct K2 version and/or Cumulative Update installed. See KB001893 to see what Fix Pack level you have installed.
- Download the latest Fix Pack using the links in the table above for the version you require.
- Install the Fix Pack to apply the fix.
After installing this Fix Pack, the following error could occur if the configured certificate is not installed in the correct location: “Could not find a valid, matching certificate in the personal (CurrentUser\My) certificate store with your search method and value”.
Administrators should make sure that client certificates are installed under the CurrentUser\My store location.