Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Network Performance Monitor (NPM) > Error: The underlying connection was closed: could not establish trust relationship for the SSL/TLS secure channel

Error: The underlying connection was closed: could not establish trust relationship for the SSL/TLS secure channel

Created by James Fahey, last modified by Jonathon.Privett on Nov 02, 2016

Views: 2,129 Votes: 7 Revisions: 4

Overview

This article describes the issue when you try to export data, graphs, tables, or reports from the Orion Web Console and it throws the error message:

The underlying connection was closed: could not establish trust relationship for the SSL/TLS secure channel.

Environment

  • All Orion Core Platform
  • All versions of Orion products

Cause 

The issue is occurs when the Orion Web Console is using HTTPS with SSL and the Certificate path has an invalid certificate or it is not imported into the Trusted Root Certificate Authorities Store.

Resolution

  1. Go to the Orion server and go to Start > Administrative Tools > Internet Information Service (IIS) Manager.
  2. Expand the Application Pool, then Sites, and right-click on the SolarWinds NetPerfMon website and select Edit bindings.
  3. Click the type HTTPS Port 443 and choose Edit.
  4. In the Add Site Binding window, go to the SSL Certificate, and click on Select or view to view the Certificate.
  5. Go to the General Tab to see if there are any statements or purposes listed, if there are none and these messages appear: "This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification Authorities store" or "This certificate cannot be verified up to the trusted certification authority" the certificate is not trusted.
  6. The certificate needs to be imported into the proper store, do this by going to Start > Search MMC.exe > click File > select Add/Remove Snap-in... > Select Certificates, click Add, choose Computer Account, click Next and choose Local computer and Finish > click Ok.
  7. Go to the store where the certificate is not trusted is located, selected it and right-click to go to All Tasks to Export.
  8. Go to the store, in this case, the Trusted Root Certification Authorities store, right-click, choose All Tasks and select Import, and select the certificate.
  9. Go back to Internet Information Services (IIS) Manager and restart the website.

 

Links:

https://technet.microsoft.com/en-us/...(v=ws.10).aspx

http://www.iis.net/learn/manage/conf...ssl-on-iis#SSL

 

 

 

Last modified
09:23, 2 Nov 2016

Tags

Classifications

Public