DMDynamicWorkflow and SSL – The root of the certificate chain is not a trusted root authority..

I was on site at a client trying to build a simple workflow on a new Project Server 2010 deployment. This deployment had a SSL PWA site, and I have installed the DM Dynamic Workflow Solution Starter and this all went fine at this stage.

The form to build the workflow initially loaded, however when I clicked Next an error generated in the Application Event Log;

An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=*, OU=Domain Control Validated, O=*\nIssuer Name: SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=, O=”, Inc.”, L=Scottsdale, S=Arizona, C=US\nThumbprint: ****************************************\n\nErrors:\n\n The root of the certificate chain is not a trusted root authority..

The SSL on the site was ok with no red errors – but the solution clearly wasn’t liking SSL – Dropping SSL from the web app (back to port 80 with a host header) and the solution was fine. But we needed SSL!

Putting the SSL Certificate in Manage Trusts (Exporting it via the Lock icon in IE) was not sufficient, nor was messing around adding it via the MMC.

The fix was to put the Root and Intermediate Certificates in Manage Trusts as well.

On the PWA page thats SSL, go to the certificates bit in IE, and export all three listed (not just the one you go into by default) and then add all three (CER) files to Manage Trusts (located in SharePoint Central Administration);

All three certificates need adding to manage trusts

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s