This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMC with SCEP connection

Hi Guys,

I'm working on configuring SMC and during SCEP setup it gives me message "Could not connect to CA server" when I click Save button.

I checked the logs and it seems like SMC server establishes connection with a SCEP server, and for the first time it says that connection is untrusted and adds a certificate, but then I see that it keeps re-adding this same certificate(I guess for the further tries):

 
2017-04-20 10:46:52,031 INFO  [com.sophos.mobilecontrol.server.session.service.x509.CertImporter] (default task-99) opening connection to scep.companyname.com:443...
2017-04-20 10:46:52,187 INFO  [com.sophos.mobilecontrol.server.session.service.x509.CertImporter] (default task-99) starting SSL handshake...

2017-04-20 10:46:52,202 INFO  [com.sophos.mobilecontrol.server.session.service.x509.CertImporter] (default task-99) could not connect to "scep.companyname.com:443", most likely untrusted

2017-04-20 10:46:52,202 INFO  [com.sophos.mobilecontrol.server.session.service.x509.CertImporter] (default task-99) adding certificate to customer truststore (keystore), cert="[

2017-04-20 10:46:52,202 INFO  [com.sophos.mobilecontrol.server.session.service.x509.CertImporter] (default task-99) successfully added certificate to customer truststore (keystore), alias 'scep.companyname.com-1-scep'
 
2017-04-20 10:46:52,218 INFO  [com.sophos.mobilecontrol.server.session.service.x509.CertImporter] (default task-99) successfully added certificate to customer truststore (keystore), alias 'scep.companyname.com-2-scep'
 
The certificate is issued by a trusted authority.
I also tried adding it to the Trusted Root Certification Authorities, under a computer account.
Both SMC and SCEP servers are in the same LAN, but SMC server has two network interfaces and uses another network interface for the outgoing traffic(has a default gateway assigned to it).
SCEP server is a part of a domain, SMC server is NOT in a domain.
Did anyone ever had this problem or have any idea what may it be?


This thread was automatically locked due to age.
Parents Reply Children