The Service Desk Manager Connector fails to function when SSL is enabled for Service Desk Manager

Document ID : KB000056644
Last Modified Date : 21/06/2018
Show Technical Document Details

If Service Desk Manager is configured for SSL you may run into a situation where the Service Desk Manager Connector fails to connect successfully. You may see errors logged similar to:

14:48:56.022 ERROR GRLoader 297 nested exception is: PKIX path validation failed: timestamp check failed
14:48:56.022 INFO GRLoaderInitializer 40 GRLoader initialization
returned value :1
14:48:56.131 INFO TCP_port 1581 TCP_port wait interrupted
14:48:56.240 FATAL ConnectorHelper 180 Unable to connect to Service
Desk Manager. GRLoader
Initialization Failed. Please check the GRLoader parameters and try Again.

To resolve the SSLHandshakeException error the SSL certificate from Service Desk Manager must be imported into the cacerts associated with the Service Desk Manager Connector.

  1. Open a web browser, and access the webservice url (for example https://SERVERNAME:8443/axis/services/USD_R11_WebService)


  1. From the browser, export the https certificate and save it to the local machine (for example, save as: C:\sdm.crt)


  1. Copy the sdm.crt file to the server and with a command prompt (running as Administrator) navigate to the Service Desk Manager Connector java folder, this will typically be

"C:\Program Files (x86)\CA\Catalyst\CatalystConnector\...”

If the Connector was installed using the 32-bit Java enter the JRE directory

If the Connector was installed using the 64-bit Java enter the JRE-64 directory

Note: If the 32-bit Java was selected during the install process only the “JRE” folder will be present

4.    Run the following command:

bin\keytool -import -keystore lib\security\cacerts -file c:\sdm.crt

Note:  The above command should import the c:\sdm.crt certificate to the JRE_HOME\lib\security\cacerts  keystore.  JRE_HOME refers to the 32-bit or 64-bit JRE as mentioned above.

For detailed usage of keytool you may refer


5.      When prompted for a password, use the default which is "changeit".


6.      Restart the Service Desk Manager Connector services.