Accessing the SDM Tomcat URL https://<hostname>.com:443/CAisd/pdmweb.exe after configuring SDM Tomcat for SAML fails, and the following error appears in the pdm_tomcat logs in the NX_ROOT\logs folder:
audienceUris1 <><> https://company.com:443/CAisd/pdmweb.exe
audienceUris2 <><> https://company.com:443/CAisd/pdmweb.exe
com.auth10.federation.FederationException: The token was issued by an authority that is not trusted
    at com.auth10.federation.SamlTokenValidator.validate(SamlTokenValidator.java:158)
    at com.auth10.federation.FederatedLoginManager.authenticate(FederatedLoginManager.java:53)
    at com.auth10.federation.WSFederationFilter.authenticateWithToken(WSFederationFilter.java:195)
All versions of Service Desk Manager
Verify the certificate thumbprint in the NX_ROOT/bopcfg/www/CATALINA_BASE/shared/resources/federation.properties file.
This thumbprint is obtained (from an ADFS administrator) from the certificate listed on ADFS -> Service -> Certificates -> Token-Signing cert.
If the thumbprint is copied from there and pasted directly into the federation.properties file, it might bring some Unicode characters with it, like this:
‎‎‎e5 bc 83 19 20 a3 8a ab 21 a4 50 fd 9d 71 85 94 37 b6 22 b6
These Unicode/special characters should not be present in the federation.properties file.
In addition, there should not be spaces between the pairs of characters in the thumbprint above. Those spaces need to be removed manually before using the thumbprint.
So, a good thumbprint should look like:
federation.trustedissuers.thumbprint=e5bc831920a38aab21a450fd9d71859437b611b6
Save the file and then restart SDM Tomcat.
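The check described above can be scripted. This is an added example, not part of the original article or of the product: it reports every non-hex character in the thumbprint line by its Unicode name, so invisible characters become visible. The function names and the sample thumbprint are constructed, and the 40-digit length assumes a SHA-1 thumbprint as the Windows certificate dialog shows it.

```python
import re
import unicodedata

KEY = "federation.trustedissuers.thumbprint"  # property name shown in this article
HEX40 = re.compile(r"[0-9A-Fa-f]{40}")        # assumption: SHA-1 thumbprint, 20 bytes as hex

# Constructed sample: a pasted value with a hidden U+200E mark and spaces between pairs.
SAMPLE_RAW = "\u200e" + " ".join("%02x" % b for b in range(20))


def normalize_thumbprint(raw):
    """Return (cleaned, dropped): hex digits are kept, anything else is reported."""
    kept, dropped = [], []
    for ch in raw:
        if ch in "0123456789abcdefABCDEF":
            kept.append(ch)
        else:
            name = unicodedata.name(ch, "UNNAMED")
            dropped.append("U+%04X %s" % (ord(ch), name))
    return "".join(kept), dropped


def check_properties(text):
    """Return a list of problems with the thumbprint line in federation.properties text."""
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip() == KEY:
            break
    else:
        return ["%s is not set" % KEY]
    cleaned, dropped = normalize_thumbprint(value)
    problems = ["unexpected character %s" % d for d in dropped]
    if not HEX40.fullmatch(cleaned):
        problems.append("expected 40 hex digits, found %d" % len(cleaned))
    return problems


if __name__ == "__main__":
    cleaned, dropped = normalize_thumbprint(SAMPLE_RAW)
    print("%s=%s" % (KEY, cleaned))
    for problem in check_properties("%s=%s" % (KEY, SAMPLE_RAW)):
        print("problem:", problem)
```

An empty list from check_properties means the thumbprint line contains only 40 hex digits; whether it matches the Token-Signing certificate still has to be confirmed against ADFS.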