Unable to connect to task server over HTTPS, using persistent connection. The certificate chain was issued by an authority that is not trusted (0x80090325)
Article ID: 243544
Updated On:
Products
Issue/Introduction
You may notice that your endpoints are no longer connected to your task servers, using persistent connection, over HTTPS. You may observe that they are able to connect over HTTP without a problem. When you review the endpoint's logs, to try to determine what is wrong, you notice the following errors:
[1E:OUT_SRV: 1744 -> 13BC, RECV: 20AD8C16] Client SSL: Failed to process server '' token, total bytes: 1466, extra bytes: 0, error: The certificate chain was issued by an authority that is not trusted (0x80090325)
Task Server Connection: Failed to register on Task Server '' over 'HTTPS', error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider (0x800B0109)
Environment
Release: 8.6
Cause
The site server's certificate is not present in the intermediate certification authorities store.
Resolution
For some reason the certificate for the site server the agent was trying to connect to for site services (Task Services), was not present in the certificate store. The site server communication profile is what will install this into the agent's store. In this case, by using a self-signed certificate, we were able to make a modification to the site server's communication profile. In this case, we just disabled the persistent connection and saved the settings. When the agents check in, they will see this change, and download and install the certificate. After about 24 hours, enable persistent connection again to restore full functionality.
Feedback
