Skip to main content
Nintex Community Menu Bar
Question

K2 BlackPearl - K2 OAuth High Trust Certificate expired

  • February 26, 2025
  • 4 replies
  • 38 views
H
Forum|alt.badge.img+1

Hello,

 

I´m having issue with our installation of K2 BlackPearl (v. 4.6.11) + Onprem SP2013. Certificate has expired 24.02.2025 and its not possible to open forms on Sharepoint anymore. I have tried following:

 

  • Modify K2 Blackpearl installation – no luck, certificate is in those steps being generated, but again with same validity (so its already expired).
  • Use different certificate from my PKI – I have changed thumbprint in K2HostServer.exe.config file, but without any luck. Im still getting errors on SP:

 

 

 

 

Can anyone please help me with this issue?

 

Thanks

 

 

 

Translate
Did this topic help you find an answer to your question?

4 replies

P
Forum|alt.badge.img+7
  • PavelS
  • Scholar
  • 58 replies
  • February 26, 2025

If I remember correctly, this K2 OAuth High Trust certificate was also in SharePoint, Central Administration -> Security -> Manage Trust. There is also a utility CertificateManager.exe to work with those certificates, mentioned in the article:

How To: Allow multiple K2 Servers to use the same SharePoint Farm

Maybe this will help you, otherwise probably just a support ticket.

Translate
Dan_Stoll
1 person likes this
  • Dan_Stoll
    Dan_Stoll
MillaZ
Nintex Employee
Forum|alt.badge.img+21
  • MillaZNintex Employee
  • Nintex Employee
  • 661 replies
  • March 3, 2025

Hi ​@Hvezdic90 have you solved your issue?

Translate
Check out these Nintex University Learning paths: https://community.nintex.com/p/NintexUniversity
H
Forum|alt.badge.img+1
  • Hvezdic90
  • Author
  • Rookie
  • 1 reply
  • March 3, 2025

Hello,

 

sadly, no luck. After running “modify” installation, there is a line saying, that new self signing cert will be generated - this is not happening - it creates already expired certificate.

 

Weird thing is, that we wanted to replace this certificate with one from our CA, but no configuration is really applied. We have changed configuration file: K2HostServer.exe.config, we have replaced cert thumbprint here and we checked if certificate is available and installed for local system, also we changed rely trust on Sharepoint site with new certificate thumbprint... But on Sharepoint side, there is again info, that old certificate was used for this communication. 

 

 

 

So my question is, what am I missing? What is needed to do to get valid certificate from installer, or, how can I use my own cert to digitally sign this communication?

 

We are in meantime trying to force SP2013 to not check certificates validity, but also without much luck.

 

Thanks, Pavel

Translate
T
Nintex Employee
Forum|alt.badge.img+10
  • TinTexNintex Employee
  • Nintex Employee
  • 176 replies
  • March 11, 2025

I believe if you go through the K2 High Trust Oauth repair steps below, it should generate you an unexpired K2 Hight Trust Oauth certificate:

https://community.nintex.com/k2-blackpearl-66/when-trying-to-add-the-url-on-appdeployment-exe-an-error-appears-3002

A K2 database backup and K2 server VM snapshot is recommended.

Translate

Reply


Sidebar Buttons
Nintex Community Home Contact Nintex Support Email Nintex Community Check Nintex Status
Terms & ConditionsCookie Settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie Settings