ESS Error Message Certificate Not Allowed

, ,

When transferring between screens in EMSS, you may encounter the error message “Lawson System Foundation error message “verifyCertificate: CN value: *.<domain> is not in allowed CN list.”


The simplest way to resolve this issue, without requiring a restart, is to update the iosconfig.xml.  Add or edit the properties inside LAWDIR/system/iosconfig.xml.


1) Add the following property inside LAWDIR/system/iosconfig.xml:

<parameter name=”com.lawson.ios.transform.validatecert” value=”false” />

2) Save the file, wait 15-30 minutes for changes to take effect.

3) To validate the change, run this URL as a Portal Administrator: https://<LSFServer>:port/servlet/SysEnv


Another option, that will require a restart of services, is to add the certificates to the transform-hosts tag in the iosconfig.xml file:



<cn host=”” value=”” />

<cn host=”” value=”” />

<cn host=”” value=”InforCA” />



Add a common name for every host.


That’s all there is to it!