The “Certificate Store Location” and “Certificate Store Name” settings for the REST and OData SmartObject Service type instances allowed the certificate store security model to be bypassed. Due to this a change in behavior is now introduced to no longer have these settings available.
The fix is available in the following K2 versions:
|K2 4.7 March 2018 Cumulative Update||K2 Five (5.0) September 2018 Cumulative Update||K2 Five (5.1) November 2018 Cumulative Update||K2 Five (5.2) May 2019 Cumulative Update||K2 Five (5.3)|
|X||X||X||X||Fix Pack 23|
After installing this Fix Pack, the following error could occur if the configured certificate is not installed in the correct location: “Could not find a valid, matching certificate in the personal (CurrentUser\My) certificate store with your search method and value”.
Administrators should make sure that client certificates are installed under the CurrentUser\My store location.