Unable to install hotfix's

Brahmesh · October 26, 2023, 12:32pm

Unable to install the hotfix even after followed the instructions mentioned in Verifying hotfix authenticity by using a Pega Keystore

Getting the following error when importing hotfix file.

2) Downloaded the certificate from digicert.com

Using the utility, create a Java KeyStore (JKS) with the DigiCert root certificate:

keytool -import -trustcacerts -keystore pegahotfixkeystore.jks -file DigiCertTrustedRootG4.crt -alias pegahotfix

Created keystore file and uploaded the generated JKS file .

Created DSS

Application server was restarted but still issue is not resolved .

Kishore_Sanagapalli · October 27, 2023, 8:52am

@Brahmesh@

We too had the same problem so disabled the Hotfix enable revocation DSS setting for temporary need basis.

It’s advisable to raise an INC with Pega GCS as a BUG

Brahmesh · November 1, 2023, 11:06am

@Kishore Sanagapalli Even setting the DSS( hotfixmanager/enableRevocation) value as false also didn’t help.

MarijeSchillern · November 1, 2023, 1:27pm

@Brahmesh@ please provide the INC ticket Id here once you have logged the support ticket on the MSP.

Brahmesh · November 8, 2023, 2:52pm

@MarijeSchillern INC-A23355

MarijeSchillern · November 9, 2023, 2:54pm

@Brahmesh@ I can see that the ticket was closed with the below explanation:

1 Problem was caused because DL with hotfix was created before the May 23. And contain a old signed certificat that is why we saw error related missing certificate. Even if client followed documentation and imported certificate to the keystore.

https://docs.pega.com/bundle/platform/page/platform/deployment/hotfixes-verify-auth-pega-keystore.html

2. With the new DL client received next error related to infrastructure restrictions regarding the revocation check.

The problem was resolved by disabling revocation check.

Beginning in May 2023, if your application uses firewalls to block outside connections, add the latest validation HTTP endpoints, using port 80, and the appropriate details to your firewall allow lists.
https://docs.pega.com/bundle/platform-88/page/platform/deployment/hotfixes-verify-auth-automatic.html#verify-hotfix-files-during-install

You can disable the revocation check using this documentation link:
https://docs.pega.com/bundle/platform-88/page/platform/deployment/hotfixes-disable-auth-check.html

I will close this thread based on the above resolution.

Conversation		Replies	Views
Vulnerability Hotfixes:Signature verification failed General pega-platform , senior-system-architect , security , case-management , financial-services , 8-6	4	1550	November 17, 2023
Pega 8.6- Hotfix Installation Issue General system-architect , data-model , healthcare-and-life-sciences , pega-claims-repair-for-healthcare	1	234	July 6, 2023
Issue with Hotfix Scan Check online General pega-platform , installation-and-deployment , java-and-activities , 8-8-1	2	128	November 19, 2023
Pega Security Advisory - Apache Log4j - Vulnerability Hotfixes error for Pega 8.6 &8.5.3v General security , 8-6 , 8-5-3	2	568	December 22, 2021
Issue with uploading certificate into Pega KeyStore. General case-management , data-integration , 8-7	5	343	January 23, 2024

Unable to install hotfix's

Related topics