search cancel

Configuration errors: Untrusted server certificate when integrating Endpoint Protection Mobile with a 3rd party MDM


Article ID: 185831


Updated On:


Endpoint Protection Mobile


Setting up the integration with a 3rd party MDM/UEM/EMM provider, the configuration is unable to complete. Investigation in the SEP Mobile MC for the MDM Basic Setup shows that there are configuration errors: Untrusted server certificate.


SEP Mobile uses https for secure communications with the MDM provider. The untrusted server certificate error occurs when SEP Mobile does not trust the traffic from the MDM provider. There are multiple possible causes for this.
  1. The certificate is self-signed instead of signed by a reputable 3rd party CA
  2. The certificate is expired and thus no longer valid
  3. The certificate chain is incomplete because the server is not presenting 1 or more of the certificates in the signing-chain.


First verify that the server name and port provided in the MDM integration basic setup under MC>Setting>Integrations>MDM/UEM/EMM>Basic Setup is correct.
If the information is verified to be correct, certificate errors can be checked for using open source tools such as curl, openssl, or

Depending on the identified cause, the solution may be to.

  1. Get the SSL certificate signed by a reputable Certificate Authority (CA)
  2. Renew the Expired Cert with the CA
  3. Complete the incomplete signing chain

(NOTE: for assistance resolving these certificate issues on your on-premises MDM implementation, you should reach out to the CA)