When updating an expiring SSL certificate for your Punchout (Roundtrip) or order integration, note that certificates do not need to be manually shared with Unimarket if your server is configured correctly. This guide outlines a common configuration issue and a tool for troubleshooting.
Common Supplier Configuration Issue: Invalid Certificate Chain
A frequent issue occurs when a server has a valid certificate but is deployed without all the necessary intermediate certificates installed.
This results in an invalid certificate chain, which can cause connectivity problems, even if some browsers can mask the issue by reconstructing incomplete chains or using cached certificates.
Recommendation: To avoid this, ensure you use all the certificates provided by your Certificate Authority (CA) during deployment.
SSL Configuration Testing Tool
You can check your server's SSL configuration using an external tool:
SSL Labs Tool: https://globalsign.ssllabs.com/analyze.html
Best Practice: This tool checks many aspects of your configuration. We recommend aiming for a B or higher rating.
Key Section: Pay close attention to the section titled 'Additional Certificates (if supplied)'.
Resolution and Support
Misconfiguration: If the SSL Labs tool identifies any issues with your certificate chain, Unimarket will not perform manual configuration to work around such misconfigurations. You must resolve the issue on your server.
Contact Support: If the SSL Labs report shows no configuration issues (B rating or higher) and you are still experiencing connectivity problems, please contact us at
support@unimarket.comfor further assistance.