Gravatar for wvuong@captechconsulting.com

Question by wvuong, Apr 25, 2016 10:45 PM

The remote certificate is invalid according to the validation procedure.

I am trying to install Coveo in a test environment with CES on its own server. I have finished installing CES7 and the Search API on its own server and also have finished installing Coveo for Sitecore on the CM as well as the steps outlined here: https://developers.coveo.com/display/public/SitecoreV3/Setting+Up+Coveo+for+Sitecore+in+a+Remote+Server+Configuration.

I am now trying too rebuild the indexes but I am getting the following error when I try to open the indexing manger: "The remote certificate is invalid according to the validation procedure." as well as the following errors on the diagnostic page

alt text

1 Reply
Gravatar for jflheureux@coveo.com

Answer by Jean-François L'Heureux, Apr 26, 2016 9:54 AM

Hi,

From your error messages, I guess you enabled Admin Service security when installing CES and Coveo for Sitecore.

I have a few questions for you:

  • Did you generate a self signed certificate or you used an existing certificate?
  • Is your <AdminServiceUri> element value have the same hostname as the certificate hostname? This is mandatory for trust.

I recommend you to read this documentation, common issues and other questions, try the recommended solutions and reply here with your findings:

  • https://developers.coveo.com/display/SitecoreV3/Securing+the+Admin+Service
  • https://developers.coveo.com/pages/viewpage.action?pageId=33587712
  • https://answers.coveo.com/questions/4587/could-not-establish-trust-relationship-for-ssltls
  • https://answers.coveo.com/questions/5289/enable-admin-service-security-after-an-unsecure-installation

Thanks,

Jeff

Gravatar for wvuong@captechconsulting.com

Comment by wvuong, Apr 26, 2016 10:13 AM

I did enable Admin Service Security.

In terms of the certificate. I followed step 17f here: https://onlinehelp.coveo.com/en/ces/7.0/administrator/installingcesonthemaster_server.htm

and 7b here: https://developers.coveo.com/display/public/SitecoreV3/Installing+Coveo+for+Sitecore

The AdminServiceUri element value has the hostname of the server where I created the certificate (CES Server) in step 17f

Gravatar for jflheureux@coveo.com

Comment by Jean-François L'Heureux, Apr 26, 2016 10:18 AM

That's very good. Thank you.

Can you try accessing the AdminServiceUri in a browser from both the CES server and the Sitecore server. It's normal to have a certificate warning in the browser. This validation is to check whether the Admin Service is started and running on the 443 port correctly.

Maybe your 443 port is already used by another process. Maybe the Admin Service is stopped.

Gravatar for wvuong@captechconsulting.com

Comment by wvuong, Apr 26, 2016 10:42 AM

When navigating to https://ces-hostname/adminservice on both the CES server and the sitecore CM server i get the following https://captechventuresinc-my.sharepoint.com/personal/wvuongcaptechventurescom/_layouts/15/guestaccess.aspx?guestaccesstoken=wRaJrUxZkB6y2ls105DvtVHUrhDY8u%2fKrG8V2qRyyL0%3d&docid=05023d4bb37c5463db413764d2f4e3e71

Gravatar for jflheureux@coveo.com

Comment by Jean-François L'Heureux, Apr 26, 2016 1:28 PM

Maybe the administrator user used in the Coveo for Sitecore installer at step 7b didn't have enough rights on the machine to install the admin service certificate in the "Trusted Root Certification Authorities" system certificate store. Can you verify in this system certificate store and validate the Admin Service certificate is really installed in it please?

Also, in which environment is the browser you are using to open the Coveo for Sitecore Diagnostic Page? Do you open it on a browser directly on the Sitecore server or from another machine? It would be good to test it directly on the Sitecore server with an URL like http://<TheSitecoreInstanceName> /sitecore%20modules/Web/Coveo/Admin/CoveoDiagnosticPage.aspx. There might be a problem when accessing the page from another machine when there are proxys or virtual IPs to access the Sitecore instance.

Lastly, could you expand all the errors in the Diagnostics Page by clicking on their "Show details" button. and copy the errors here. I would like to know the inner exception message.

Thank you for your collaboration.

Jeff

Gravatar for wvuong@captechconsulting.com

Comment by wvuong, Apr 26, 2016 2:01 PM

After reading through the documentation again to see if I had entered in something wrong I realized for the AdminServiceUri I was entering in the hostname incorrectly i though it was "foo.bar.com" when it was just "foo".

Thanks for all your help.

Ask a question