SSL error: Failed to establish chain from reply

SSL error: Failed to establish chain from reply

Hi there,

We're trying to set up ours with HTTPS and encountered the error when importing the certificate.

Can ADSS support SHA-2 certificate?
We have ServiceDesk Plus and use SHA-1 certificate since it won't take SHA-2.
If it does support SHA-2 ... read on!

We've received 2 certificates form GoDaddy as follow:
  • gd_bundle-g2-g1.crt
  • random_gibberish.crt -- > we've renamed this file to serverhost.cert for sanity's sake

so, following the instruction to copy the files as instructed by on the SSL tool on the ADSelfService console, I've run the following commands:

  • keytool -import -alias root -keystore selfservice.keystore -trustcacerts -file gd_bundle-g2-g1.crt
  • we have no cross nor intermediate certificate so we skipped the next 2 commands
  • keytool -import -alias tomcat -keystore selfservice.keystore -trustcacerts -file serverhost.crt

when running the 2nd command, it gave us the error:
C:\ManageEngine\ADSelfService Plus\jre\bin>keytool -import -alias tomcat -keystore selfservice.keystore -trustcacerts -file serverhost.crt
Enter keystore password:
keytool error: java.lang.Exception: Failed to establish chain from reply

Thank you for your advice.

              New to ADManager Plus?

                New to ADSelfService Plus?