Submit a ticketCall us

Training Class Getting Started with SolarWinds Backup - February 28

This course offers customers an introduction to SolarWinds Backup, focusing on configuring the backup technology, taking backups, data restoration and data security. It is a great primer and will get you up to speed quickly on SolarWinds Backup.
Register for class.

Home > Success Center > Orion Platform > Certificate errors when accessing the Orion Web Console

Certificate errors when accessing the Orion Web Console

Updated Feb 10, 2017

Overview

You may encounter certificate errors when accessing the Orion Web Console, even if you have successfully set up SSL bindings using the Configuration Wizard.

If you investigate the logs, an event similar to the following appears in the Windows application log:

Log Name: Application
Source: Microsoft-Windows-CAPI2
Date: 24/10/2016 12:49:10
Event ID: 4108
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: ...
Description:
Successful auto delete of third-party root certificate:: subject [certificate name and hash]

Environment

Any product running Orion Platform 2017.1, such as

  • NPM 12.1
  • SAM 6.4

Cause 

When you generate a self-signed certificate through the Configuration Wizard, the operating system may delete it because it is considered a third-party generated certificate. This happens when you use a group policy that automatically updates the root certificates.

Resolution

There are two options:

  • Modify the group policy
  • Generate a self-signed certificate through IIS Manager

Modify the group policy

  1. Login to the Orion server as an administrator or login to the domain controller.
  2. Open the local Group Policy Editor (Orion server) or Group Policy Management (domain controller).
    • For the local Group Policy Editor, press Windows key + R, and enter gpedit.msc 
    • For Group Policy Management, press Windows key + R, and enter gpmc.msc
  3. Open Internet Communication Settings.
    • For the local Group Policy Editor, click Computer Configuration > Administrative Templates > System > Internet Communication Management > Internet Communication Settings.
    • For Group Policy Management, click Group Policy Objects, edit the enabled Group Policy, and then click Computer Configuration > Administrative Templates > System > Internet Communication Management > Internet Communication Settings.
  4. Enable Turn off Automatic Root Certificate Update.

Run the Configuration Wizard again to bind the Orion Web Console to a certificate.

Generate a self-signed certificate

  1. Login to the Orion server as an administrator.
  2. Open IIS Manager.
  3. Open Server Certificates, and click Create Self-Signed Certificate from the actions menu.
  4. Complete the certificate wizard.

Run the Configuration Wizard again to bind the Orion Web Console to this certificate.

 

Last modified

Tags

Classifications

Public