Submit a ticketCall us
Home > Success Center > Network Performance Monitor (NPM) > NPM - Knowledgebase Articles > Desktop Alert Tool is unable to connect to the server

Desktop Alert Tool is unable to connect to the server

Created by Marjune Obana, last modified by Jose.BarbosaReis on Dec 08, 2017

Views: 2,857 Votes: 2 Revisions: 23


The NPM Desktop Notification Tool is unable to connect to the server and the following error appears: 

The exception has been thrown by the target of an invocation. 





When this problem occurs, the Orion Server - Windows System event log displays an error message pertaining to the untrusted certificate. A log example is provided below:


Schannel,(0),DOIT-PVOSW01.NMADS.lcl,"The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

3/30/2015 3:55:16 PM",Schannel,(0),DOIT-PVOSW01.NMADS.lcl,"A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 48. The Windows SChannel error state is 552.


The DNT fails with:

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> The remote certificate is invalid according to the validation procedure.




NPM  version 11.5 and later


This issue occurs when you use a self-signed certificate on the Orion website that DNT does not trust.


  1. Export your Orion Web Console server's SSL certificate (the one bound to your Solarwinds NetPerfMon site in IIS, self-signed or otherwise) from the Certificate MMC Snap-In on the Orion Web Console server(s). Choose ".pfx" format with all extended properties chosen.
  2. Copy the ".pfx" file that was exported to your client computer(s). 
  3. On your client computer(s), start a new MMC by launching "MMC.exe" and then navigate to File > Add/Remove Snap-In, and then click Add. 
  4. Choose Certificates and click Add.
  5. Choose Computer account and then click Next.  3.png 
  6. Choose "Local Computer" for what the Snap-In will manage and click Finish. Click Ok again to exit the Add or Remove Snap-Ins window.
  7. Right-click the "Certificates" folder under "Trusted Root Certificates Authorities" and choose "Import"
  8. Import the web console server's certificate (exported from the web console server) in the Trusted Root Certification Authorities certificate store to allow all users to trust the certificate. 




OBs: If the above solution does not work, verify which port is running IIS and try to connect to the address:



Last modified