Notifications

834 views

Description

ServiceNow will update the SSL certificate securing the ServiceNow instances every 6 months when they are expired. This doesn't have any other impacts to the ability to connect to the ServiceNow instance. However, in case you have integrations, caching, or proxy servers that have hard-coded the current ServiceNow SSL certificate, they will need to be manually updated to trust the new SSL certificate. 

One of the below exceptions can be seen on the third party console that does the SOAP calls to ServiceNow even after performing the cert update in their application

[TicketingProcessingPCY][pool-2-thread-67211]Parser log: Result Code: JavaException: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

 

 

Release or Environment

New York Patch 4 Hot Fix 1

Cause

Third-party tools like IBM Netcool might see the below exception even after following KB0563633 - SSL/TLS encryption on instances after an update of the SSL cert in their application
[TicketingProcessingPCY][pool-2-thread-67211]Parser log: Result Code: JavaException: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

This indicates this third party cert is still not trusted by ServiceNow and cannot authenticate its transactions.

Resolution

Once the SSL cert is updated, have the third-party integrators follow the following KB to update the new ServiceNow SSL cert in their application: KB0563633 - SSL/TLS encryption on instances

Make sure third party application is restarted once the SSL certs are updated and this should provide a successful communication with ServiceNow.

Article Information

Last Updated:2020-03-12 06:42:37
Published:2020-03-12