Our export, data importer and event services will not stay started. The logs shows the error: The remote certificate is invalid according to the validation procedure

Document ID : KB000008174
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

We are running the CA Asset Portfolio Management product in SSL.  A new certificate was installed in IIS and it exists in the trusted root certificate store. 

The export, data importer and event services will not stay started and throw the error: 
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. 

Environment:
CA Asset Portfolio Management 12.x, 14.x or 17.x
Cause:

The certificate was installed properly, but had a different name than the original name.  The https binding in IIS did not contain the correct SSL certificate name. 

 

Resolution:

Open Internet Information Systems manager and perform these steps (on both the APM web and APM application servers): 

1.  Select the APMWebSite

2.  Select Bindings

3.  Edit the https binding

4.  Select the correct SSL certificate name by choosing 'Select...' 

Bindings.png

5.  Click OK

6.  Restart the APMWebSite

7.  Start the export, data importer and event services and verify that they stay started.  Review logs for errors. 

 

 

Additional Information:

Here is an additional technical document for complete steps on configuring CA Asset Portfolio Management and CA Software Asset Manager for SSL: 

https://support.ca.com/us/knowledge-base-articles.tec1989668.html