Support Automation does not launch for an "End User" when using a Self Signed SSL Certificate

Document ID : KB000030698
Last Modified Date : 14/02/2018
Show Technical Document Details

Symptoms:

Support Automation is a component of Service Desk Manager that uses its own Tomcat instance. It is possible to configure the Support Automation Tomcat to use SSL. Typically if a self signed certificate is used the end user's browser may get an error similar to:

"This server could not prove that it is *server*; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection."

Then the following error may be seen when trying to run the .exe

Untitled.png

This is due to the certificate coming from a source that the browser does not trust. If an error like this is received when attempting to launch Support Automation it will fail.

 

Environment:  

This problem will be present using any supported browser, this includes Internet Explorer, Firefox and Chrome. Please review the Certification Matrix for the release of Service Desk Manager you are using for more information.


Cause:

This is due to the certificate being provided from a source that the browser does not trust. If the browser triggers an error that it doesn't trust the certificate when attempting to launch Support Automation it will fail.  

 

 

Resolution:

 

The recommendation is to obtain an SSL certificate from a trusted certificate vendor.

It's also possible to manually import the certificate, which will allow it to function, but it would be required to perform these steps for each user's browser:

  1. Launch Support Automation and get to the point when the browser error is received

  2. Click on Certificate Error link in the browser (you may be able to do this by clicking on the icon for the certificate in the url section of the browser)
  3. Click on the "Install Certificate..." button in the Certificate window.

  4. Click on the "Next" button in the Certificate Import Wizard window.

  5. Select "Place all certificates in the following store" radio button, using "Browse..." button select " Trusted Root Certification Authorities" folder name and click on the Next button in the Certificate Import Wizard window.

  6. Click on the "Finish" button in the Certificate Import Wizard window.

  7. Click on the "Yes" button in the Security Warning window.

  8. Message is displayed as "The import was successful." with OK button in the Certificate Import Wizard window. and Click on "OK" button.

  9. Click on the "OK" button in the Certificate window.

  10. SA Analyst and SA End user should be launched without any errors.

  11. Once import is successful restart the browser and attempt to launch the session again.