Symptoms
A public folder creation task fails with the following error:
Exception calling "Execute" with "3" argument(s): "The remote certificate is invalid according to the validation procedure.The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."
When the https://CAS/ URL is opened in a browser, an error appears:
The security certificate presented by this website was issued for a different website's address
Cause
This error occurs because Operations Automation (OA) 5.5 public folder provisioning requests are routed through CAS servers.
The Windows Provisioning Engine (WPE) server makes a request on the backnet address of the CAS server, and receives an error about the incorrect server.
WPE handles this error by aborting the request.
This issue was identified as POA-79601 and is fixed in OA 5.5 updates.
Resolution
Access the CAS server - its hostname can be found in the WPE request tracer (on the WPE server) in the corresponding task details:
<data> <remoteAccess> <password secure_data="yes">************</password> <server>SERVERNAME</server> <user>pem_admin</user> </remoteAccess> </data>- Open IIS manager
- Go to Sites > Default website
- Access Bindings
- Change the
<BACKNET_IP:443>binding so the Microsoft Exchange Certificate is used - Make sure the certificate is issued by the CAS server to its own netbios name.
NOTE: Please make sure the 'Microsoft Exchange Certificate' is used with the backnet IP as this is used for WPE to communicate with Exchange CAS servers.
Finally, re-run the task.
NOTE: this procedure is to be applied on servers with CAS role only. If it handles additional roles, please contact Odin Technical Support team.