SPS is saying that the certificate is not valid even though the cert and CA chain are imported into the cert store

Document ID : KB000112569
Last Modified Date : 30/08/2018
Show Technical Document Details
Issue:
With SPS version 12.52 SP1 CR8. Certificate and CA chain has been added to the Certificate store.

[06/21/2018][15:19:23][2128][2152][104c864e-a2cca534-12022830-dbb2dd02-145229f5-231][execute][Sending request to backend = web-server.domain.com url = https://web-server.domain.com]
[06/21/2018][15:19:23][2128][2152][104c864e-a2cca534-12022830-dbb2dd02-145229f5-231][requestConnection(): ][Get connection: HttpRoute[{s}->https://web-server.domain.com], timeout = 180000]
[06/21/2018][15:19:23][2128][2152][104c864e-a2cca534-12022830-dbb2dd02-145229f5-231][openConnection()][Connecting to web-server.domain.com/130.14.29.120:443]
[06/21/2018][15:19:23][2128][2152][104c864e-a2cca534-12022830-dbb2dd02-145229f5-231][releaseConnection(): ][Released connection is not reusable.]
[06/21/2018][15:19:23][2128][2152][104c864e-a2cca534-12022830-dbb2dd02-145229f5-231][execute][Certificate for is not trusted or bad certificate]
Environment:
12.52 SP1 CR8
Cause:
Even though the Certificate and CA chain are added to the Certificate store for SPS, the Proxy Engine is limited to communicating with TLSv1.0. The TLSv1.1 and TLSv1.2 need to specifically be listed in the versions parameter in the server.conf file.
Resolution:
In the Server.conf file in the proxy-engine/conf/ folder you will need to find the tag named <sslparams>. There is a property named versions. Its current value is "TLSV1" You will need to change it to be "TLSV1,TLSv1.1,TLSv1.2"

Restart the SPS Proxy Engine Service and you should be able to connect to the TLSv1.2 HTTP server being proxied to.