000019902 - How do I connect an RKM 1.5 client to an RKM 2.x server?

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019902
Applies ToRKM Client 1.5.x
RKM Server 2.0, 2.1, or 2.2
IssueTo connect an RKM 1.5.x client to an RKM 2.0, 2.1, or 2.2 server
ResolutionAn RKM 1.5 client can connect to all 2.x servers.  The 1.5 client has the limitation that's it's certificate has to share a CA with the server's certificate.  If this is not the case the client will fail to authenticate the server's certificate and will not be able to get any keys from it.  The easiest way to do this is to issue both client and server cert from the same CA. 
These are the two properties needed for the client's PKCS12 file:
  1. The clients certificate must be issued by the same CA as the servers certificate
  2. The client's P12 file has to contain the entire certificate chain
Legacy Article IDa37848