PTCInc / thingworx-gitbackup-extension

[Unofficial/Not supported] ThingWorx GitBackup Extension for storing your ThingWorx application code in a Git repository
MIT License

Error when trying to use Import Extension #5

Closed Seppel1985 closed 3 years ago

Seppel1985 commented 3 years ago

Hi Vladimir,

can you please help? I get the following error when trying to import an extension.

Application.Log - There are no additional errors in the log:

Error in ContentLoader.postMultiPart: check your inputs! Certificate for doesn't match any of the subject alternative names: []

The extension I try to install is the mail extension, see screenshot. I guess it has something to do with the server, but all certificates are installed.

Also I can install the extension in a manual way using the standard thingworx import.

Thank you & best regards,
Sebastian

[Screenshot: 2020-09-15_18-51-36]

vrosu commented 3 years ago

My guess: the certificate of the server you are trying to access is not set up correctly (in the SAN you should have the IP or DNS of the server you are accessing, or at least the CN I guess). Probably the certificate the server presents has the CN only, and it's not using the SAN extension. FYI, usage of only the CN has been deprecated in certificates, and it is suggested to only use the SAN, with dnsNames entries (check chapter 3.1, page 5, fourth paragraph of RFC2818).

Because of this validation issue, the ExtensionsExport / ImportExtension service will throw up an error. The manual way works because browsers are much more forgiving for stuff like this, but in this case the request originates from the ThingWorx side.

Things to do:

  1. Verify the server certificate and look if maybe it was not modified by our IT (look at the root CA)
  2. Ask who created those certificates to embed properly the SAN dnsName entries in the certificate - if that's an option
  3. Set validation to false and the ignoreSSLErrors parameters to true manually in the service above, save and retry. Note that in my cases I needed to regen the certificate each time, but maybe the above will work for you.

Seppel1985 commented 3 years ago

Thank you, that helped a lot. I realized that the certificate was not set up in a proper way and for the the wrong address was given. It was set to localhost.
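
The check discussed in this thread (does the requested host appear in the certificate's SAN entries?) can be reproduced offline. The following is an added example, not code from the thread or from the extension: it assumes a verifier that consults only SAN entries and takes a certificate in the dict form returned by Python's `ssl.SSLSocket.getpeercert()`. The function names and both sample certificates are constructed for illustration.

```python
import ipaddress

# Constructed sample certificates (not from the thread), in getpeercert() dict form.
CN_ONLY = {"subject": ((("commonName", "localhost"),),)}
WITH_SAN = {
    "subject": ((("commonName", "twx.example.test"),),),
    "subjectAltName": (("DNS", "twx.example.test"), ("DNS", "*.apps.example.test"),
                       ("IP Address", "192.0.2.10")),
}

def _dns_match(pattern, host):
    """Match one dNSName entry; '*' is honoured only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:      # refuse overly broad patterns such as "*.test"
        return p[1:] == h[1:]
    return p == h

def check_host(cert, host):
    """Return (ok, reason) for `host` against the SAN entries of `cert`."""
    san = cert.get("subjectAltName", ())
    cn = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    if not san:
        # The CN-only case from the thread: nothing to match against.
        return False, f"no SAN entries (CN={cn}); CN is not consulted"
    try:
        ip = ipaddress.ip_address(host)  # IP literals match iPAddress entries only
    except ValueError:
        ip = None
    for kind, value in san:
        if ip is not None and kind == "IP Address" and ipaddress.ip_address(value) == ip:
            return True, f"matched iPAddress {value}"
        if ip is None and kind == "DNS" and _dns_match(value, host):
            return True, f"matched dNSName {value}"
    return False, f"{host} not in SAN {[v for _, v in san]}"

if __name__ == "__main__":
    for cert, host in [(CN_ONLY, "localhost"), (WITH_SAN, "twx.example.test"),
                       (WITH_SAN, "192.0.2.10"), (WITH_SAN, "localhost")]:
        print(host, check_host(cert, host))
```

A certificate that passes this check for the name the server is actually reached by needs no change to the validation settings.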