K2 4.7 Certificate Error during Blackpearl configuration analysis

  • 24 February 2022
  • 0 replies
  • 36 views

Userlevel 5
Badge +20
 

K2 4.7 Certificate Error during Blackpearl configuration analysis

kbt140275

PRODUCT
K2 blackpearl 4.7
This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.
LEGACY/ARCHIVED CONTENT
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.

Issue

When upgrading from 4.6.11 to 4.7, a certificate key error appears during post configuration analysis.
 

"Certificates.AddAccessToCertificate: 12:37:48:>> Add private key access to cert for user: Domaink2_service_account_name and Domaink2_web_app_pool Find certificate: 932XXXXX9F96C7413C7702EXXXXXX in store My Logged Error: Could not set key access: System.NullReferenceException: Object reference not set to an instance of an object."

Symptoms

The accounts don't have rights to read/access K2 self-signed certificates' private key during the initial upgrade.

Troubleshooting Steps

1. Search in the certificate stores in the MMC for the complained thumbprint.

2. Make sure that it exists in the Personal/Trust Root Certification…/Intermediate Certification stores.

3. Right click on the certificate and select All Tasks > Manage Private Keys and give the above K2 service account/K2 web-app pool accounts Full control over it.

Alternatively, you can give Everyone with Full Control to private key.

4. Run K2 Blackpearl SetupManager and select reconfigure K2 components.


0 replies

Be the first to reply!

Reply