Certificate Update Troubleshooting

Our PCC digital certificates use Client Data Update Tokens (CDUT) to automatically update TLS certificates and Server Authentication whitelists. This article outlines some of the potential causes and solutions in the unlikely event that an automatic update does not occur.

Symptoms of an update failure

The following may be signs of an update failure:

These symptoms will only appear after the affected certificates have expired. They will not appear at the time the update mechanism fails. Updates are always pushed prior to certificate expiration.

Solutions

Here are some possible solutions you can try should your update fail.

Restart the application

The PCC must be restarted to load the updated configuration. The application will automatically force a restart within 48 hours. However, if this mechanism fails, and the machine has not been restarted, the update may not be applied.

Use one of the following commands to restart the application:

For both Windows and macOS operating systems you can also just restart your computer. This will also restart the PCC.

Manually download and install the CDUT

Should the issue continue, you can manually download and install the latest CDUT file yourself.

To manually download and install the CDUT file:

1. Download the following file: https://static.esignlive.com/pcc/CDUT.txt

2. Copy this file to the appropriate directory:

   • Windows: %LOCALAPPDATA%\OneSpan\OneSpan Personal Certificate Client\Data\cdut.txt

   • macOS: ${HOME}/Library/Application Support/OneSpan/OneSpan Personal Certificate Client/Data/cdut.txt

     Note that the cdut.txt file name must be saved in lowercase letters. You may also need to create the Data folder if it does not already exist.

3. Restart the application using the steps described above.