During an attempt to configure IIS SSL in the SSL Wizard, configuration fails and getting the following in the jstd.log

04/09 09:19:08.146[SwingWorker-pool-2-thread-9] ERROR Task 426 Setting Task ID(task.enable.iis_ssl) state to Failed. Code(Failed to import the certificate with alias 'XXXX' into Windows Certificate Manager) 

04/09 09:19:08.161[SwingWorker-pool-2-thread-9] ERROR Messages 116 Unable to find message key(Failed to import the certificate with alias 'XXXX' into Windows Certificate Manager) in resource(com/ca/casm/sslconfigurator/resources/locale) locale(). Can't find resource for bundle java.util.PropertyResourceBundle, key Failed to import the certificate with alias 'XXXX' into Windows Certificate Manager 

04/09 09:19:08.161[SwingWorker-pool-2-thread-9] ERROR EnableSSLForIISSDMTask 145 Failed to import the certificate with alias 'XXXX' into Windows Certificate Manager

Release 17.3 or higher
CA Service Management

The IIS SSL configuration contains older certificate defintions which are conflicting with the certificates associated with the SSL Wizard configuration.

Less common:  The casm_sslconfig.bat may have been configured with an older JRE version

For the IIS SSL config, go into Internet Information Service Manager and do the following:

- Delete any existing bindings for SSL that were defined for SDM

- Delete any existing certificates which the SSL Wizard configuration may have imported

- In the SSL Wizard configuration directory, locate any keystore files that are not named the default "casm.keystore" and move them into a backup folder

- Run the SSL Wizard configuration and redo the IIS SSL config.

For the less common instance of an outdated JRE, make sure the casm_sslconfig.bat has been updated with the JRE that comes with Service Management.  The line of interest is:

SET SC_JAVA_HOME=C:\Program Files\CA\SC\JRE\11.0.18

In later versions of the utility, this line is pre-populated with the default location of the given JRE build