I have an array of two SGD servers in 4.4 version.
I can't do the upgrade to the last version for differents things.
The SSL certificates issued by Commodo are expired. Now my company get a wildcard certificate for the publics web and applications servers. The certificate is issue now by GlobalSign.
I've done the renew of the certificates on each server.
1) Copy the csr.pem of the wildcard to /opt/tarantella/var/tsp/
2) Copy the signed wildcard certificate by globalsign to /opt/tarantella/var/tsp
3) Create a custom CA (because globalsign was not supported by SGD in 4.4 version). The intermediate root ca of Globalsign + the root CA
4) I had added my SSL to the keystore /opt/tarantella/bin/jre/bin/keytool -importcert -file /opt/tarantella/var/tsp/cert.pem -keystore /opt/tarantella/bin/jre/lib/security/cacerts -storepass **** -alias sgd.adehis.be
5) I had added the custom ca by : /opt/tarantella/bin/tarantella security customca --rootfile /tmp/rootca.pem
After that, we have a problem.
On Windows Vista, 7, 2003, 2008 the user can use SGD without problem.
On Windows XP,
randomly the user get a prompt : [http://docs.oracle.com/cd/E19728-01/820-4907/figures/spoofed.gif]
This appears only in Windows XP.
I've tried all the information that i've found.
1) Add the fingerprint of the sgd server in the c:\Documents and settings\User\Local Settings\Application Data\Sun\SSGD\hostsvalidated
2) try to add the cert of the server in the certificate store of the client.