Web Player fails to open a report that contains a Data Function, with error message "The request was aborted: Could not create SSL/TLS secure channel (ClientCertificateNoAccessPrivatekey)."
Article ID: KB0077649
Updated On:
| Products | Versions |
|---|---|
| Spotfire Web Player | 10.x and higher |
Description
Reports that contain a Data Function may fail to open in the Web Player when using the TERR Service to execute the data function's TERR script, with the following error message:
==============
Could not execute function call 'TestDataFunction'
The request was aborted: Could not create SSL/TLS secure channel (ClientCertificateNoAccessPrivatekey). The account 'Domainname\Username' do not have access to the private key of the certificate to use for the TLS
request to 'https:/testnmdemo.apac.com:9502/config'.
Contact the adninistrator to make sure that the SSL certificate has been installed.
at
Spotfire.Dxp. Data.DstaFunctions.Executors. TereServiceClient.RunFunction (DataFunctionInvocation invocation)
at Spotfire.Dxp.Data.DataFunctions.Executors.SPlusFunctionExecutor.
<ExecuteFunction>d_13.MoveNext()
at Spotfire.Dxp.Data.DataFunctions.DataFunctionExecutorService.
<Executefunction>d_3.MoveNext()
==============
This error message is logged in the Web Player's Notification display, when the data function fails to execute against the TERR Service.
Cause :
Possible cause of this error is when you try to access the TERR Service, the channel has not been successfully accessed by a user having access to the certificate private key.
==============
Could not execute function call 'TestDataFunction'
The request was aborted: Could not create SSL/TLS secure channel (ClientCertificateNoAccessPrivatekey). The account 'Domainname\Username' do not have access to the private key of the certificate to use for the TLS
request to 'https:/testnmdemo.apac.com:9502/config'.
Contact the adninistrator to make sure that the SSL certificate has been installed.
at
Spotfire.Dxp. Data.DstaFunctions.Executors. TereServiceClient.RunFunction (DataFunctionInvocation invocation)
at Spotfire.Dxp.Data.DataFunctions.Executors.SPlusFunctionExecutor.
<ExecuteFunction>d_13.MoveNext()
at Spotfire.Dxp.Data.DataFunctions.DataFunctionExecutorService.
<Executefunction>d_3.MoveNext()
==============
This error message is logged in the Web Player's Notification display, when the data function fails to execute against the TERR Service.
Cause :
Possible cause of this error is when you try to access the TERR Service, the channel has not been successfully accessed by a user having access to the certificate private key.
Issue/Introduction
Web Player fails to open a report that contains a Data Function, with error message "The request was aborted: Could not create SSL/TLS secure channel (ClientCertificateNoAccessPrivatekey)."
Environment
All supported OS
Resolution
- Login to Node Manager Machine where TERR Service is installed.
- Open "Run" Window by pressing "Windows+R" buttons.
- Type "mmc.exe"
- It will open "Console" Window.
- In this Console Window, click on File Menu --> Add/Remove Snap-in..
- Add Snap-in certificate for Local computer.
- Go to Console Root/Certificates/Personal/Certificates and right click on the certificate issued by "TIBCO Spotfire Signing CA"
- Select All Tasks, and then click Manage Private Keys ... as shown below:
- In the new window, click Add, which opens the Select Users, Computers, Service Accounts, or Groups window
- Type "Authenticated Users" in the Object Names field, and click Check Names
- "Authenticated Users" now appears in the window as shown below:
- Click OK.
- Grant read access to the certificate private key for the group "Authenticated Users"
- Click Apply, and then OK to close the window.
- Open "Run" Window by pressing "Windows+R" buttons.
- Type "mmc.exe"
- It will open "Console" Window.
- In this Console Window, click on File Menu --> Add/Remove Snap-in..
- Add Snap-in certificate for Local computer.
- Go to Console Root/Certificates/Personal/Certificates and right click on the certificate issued by "TIBCO Spotfire Signing CA"
- Select All Tasks, and then click Manage Private Keys ... as shown below:
- In the new window, click Add, which opens the Select Users, Computers, Service Accounts, or Groups window
- Type "Authenticated Users" in the Object Names field, and click Check Names
- "Authenticated Users" now appears in the window as shown below:
- Click OK.
- Grant read access to the certificate private key for the group "Authenticated Users"
- Click Apply, and then OK to close the window.
Feedback
Yes
No
Powered by
