Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Orion Platform > Certificate errors when accessing the Orion Web Console

Certificate errors when accessing the Orion Web Console

Updated Feb 10, 2017

Overview

You may encounter certificate errors when accessing the Orion Web Console, even if you have successfully set up SSL bindings using the Configuration Wizard.

If you investigate the logs, an event similar to the following appears in the Windows application log:

Log Name: Application
Source: Microsoft-Windows-CAPI2
Date: 24/10/2016 12:49:10
Event ID: 4108
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: ...
Description:
Successful auto delete of third-party root certificate:: subject [certificate name and hash]

Environment

Any product running Orion Platform 2017.1, such as

  • NPM 12.1
  • SAM 6.4

Cause 

When you generate a self-signed certificate through the Configuration Wizard, the operating system may delete it because it is considered a third-party generated certificate. This happens when you use a group policy that automatically updates the root certificates.

Resolution

There are two options:

  • Modify the group policy
  • Generate a self-signed certificate through IIS Manager

Modify the group policy

  1. Login to the Orion server as an administrator or login to the domain controller.
  2. Open the local Group Policy Editor (Orion server) or Group Policy Management (domain controller).
    • For the local Group Policy Editor, press Windows key + R, and enter gpedit.msc 
    • For Group Policy Management, press Windows key + R, and enter gpmc.msc
  3. Open Internet Communication Settings.
    • For the local Group Policy Editor, click Computer Configuration > Administrative Templates > System > Internet Communication Management > Internet Communication Settings.
    • For Group Policy Management, click Group Policy Objects, edit the enabled Group Policy, and then click Computer Configuration > Administrative Templates > System > Internet Communication Management > Internet Communication Settings.
  4. Enable Turn off Automatic Root Certificate Update.

Run the Configuration Wizard again to bind the Orion Web Console to a certificate.

Generate a self-signed certificate

  1. Login to the Orion server as an administrator.
  2. Open IIS Manager.
  3. Open Server Certificates, and click Create Self-Signed Certificate from the actions menu.
  4. Complete the certificate wizard.

Run the Configuration Wizard again to bind the Orion Web Console to this certificate.

 

Last modified

Tags

Classifications

Public