Skip to main content
Kofax

SafeCom DS 90*10: Konica Minolta devices are showing error during configure: device does not appear to have SSL enabled.

Problem:

With Device Server 90*10 some Konica Minolta devices are showing the error "unable to configure device because : device does not appear to have SSL enabled".

However the same device are working on Device Server 90*09 with the same Security/SSL settings.

Cause:

This issue is related to the Java.Security change in Device Server 90*10.

In the device server logic trace following error is seen:

ConfigureDeviceJob (3634), emitter=dk.safecom.products.deviceserver.devicesupport.konicaminolta.internal.di.KonicaMinoltaConfigurationInterface, message=SSL
This appears to be broken: - com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

Resolution:

An exception needs to be added into the java.security file to allow the MD5/RSA algorithm

The Following steps are needed to be performed:  

1. Stop the device server service.
2. Navigate to C:\Program Files (x86)\SafeCom\SafeCom Device Server\bin\jre\lib\security
3. Open the java.security file in notepad or a similar application. The following lines:

jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024

Need to be changed to: (this will depend on the certificate used on the device)

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024, DHE, ECDHE, ECDHE_RSA, DiffieHellman

4. Comment out all lines from jdk.tls.legacyAlgorithms= \ onwards (6 lines in total).
5. Save the edited java.secrutiy file.
6. Reboot the server after making this change, as restarting the device server service alone may not be sufficient.