Skip to main content
Nintex Community Menu Bar

Hello,

 

I´m having issue with our installation of K2 BlackPearl (v. 4.6.11) + Onprem SP2013. Certificate has expired 24.02.2025 and its not possible to open forms on Sharepoint anymore. I have tried following:

 

  • Modify K2 Blackpearl installation – no luck, certificate is in those steps being generated, but again with same validity (so its already expired).
  • Use different certificate from my PKI – I have changed thumbprint in K2HostServer.exe.config file, but without any luck. Im still getting errors on SP:

 

 

 

 

Can anyone please help me with this issue?

 

Thanks

 

 

 

If I remember correctly, this K2 OAuth High Trust certificate was also in SharePoint, Central Administration -> Security -> Manage Trust. There is also a utility CertificateManager.exe to work with those certificates, mentioned in the article:

How To: Allow multiple K2 Servers to use the same SharePoint Farm

Maybe this will help you, otherwise probably just a support ticket.


Hi ​@Hvezdic90 have you solved your issue?


Hello,

 

sadly, no luck. After running “modify” installation, there is a line saying, that new self signing cert will be generated - this is not happening - it creates already expired certificate.

 

Weird thing is, that we wanted to replace this certificate with one from our CA, but no configuration is really applied. We have changed configuration file: K2HostServer.exe.config, we have replaced cert thumbprint here and we checked if certificate is available and installed for local system, also we changed rely trust on Sharepoint site with new certificate thumbprint... But on Sharepoint side, there is again info, that old certificate was used for this communication. 

 

 

 

So my question is, what am I missing? What is needed to do to get valid certificate from installer, or, how can I use my own cert to digitally sign this communication?

 

We are in meantime trying to force SP2013 to not check certificates validity, but also without much luck.

 

Thanks, Pavel


I believe if you go through the K2 High Trust Oauth repair steps below, it should generate you an unexpired K2 Hight Trust Oauth certificate:

A K2 database backup and K2 server VM snapshot is recommended.


Reply