Error: "Unable to connect to RM Unify" when registering RM Unify AD Sync
Published Date : 13 Jun 2013
Last Updated : 25 Jul 2024
Content Ref: TEC3340337
Operating System
(none)
Part No
(none)
Summary
Explains why you may be seeing an error when configuring the RM Unify AD Sync Configuration Tool on your server.
Symptoms
After entering the Organisation Code and Registration Code into the RM Unify AD Sync Configuration Tool, you select Save, then Register, and receive one of the following errors:
"Unable to connect to RM Unify - review service log for more information".
"Unable to connect to RM Unify through the proxy server provided".
When you review the service log (%Program Files%/RM/RM Unify AD Sync Service/Logfiles/<date+time>.csv), you may find the following entry:
System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'api.platform.rmunify.com'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Cause
Registration has failed because at least one of the following conditions exist:
The server's date and\or time are incorrect.
There is an issue with one or more of the root certificates on the server.
Requirements
Check the date and time on the server
If incorrect, adjust and rerun the RM Unify AD Sync Configuration Tool.
If correct follow the 'Check root certificates' and 'Download and install a certificate' procedures below.
If you are presented with a warning page "There is a problem with this website's security certificate" then you have a root certificate issue. Note: Please also refer to the More Information section below.
Identifying which root certificate has an issue will depend on the browser used. Here are instructions for Windows Internet Explorer® and Mozilla® Firefox®.
Instructions for Internet Explorer:
On the warning page, click the 'Pad lock' icon shown next to the URL in the browser bar.
Click View Certificates.
Click the Certification Path tab.
You should see three certificates:
Thawte (also known as Thawte Primary Root CA).
Thawte SSL CA.
api.platform.rmunify.com.
One of the Thawte certificates will be missing or corrupt.
If all three certificates are present, click each one to check their status and identify the corrupt certificate.
Instructions for Mozila Firefox:
On the warning page, click the 'Pad lock' icon shown next to the URL in the browser bar.
Click More Information, View Certificate.
Click the Details tab.
You should see three certificates:
Thawte Primary Root CA.
Thawte SSL CA.
api.platform.rmunify.com.
One of the Thawte certificates will be missing or corrupt.
If all three certificates are present, click each one to check their status and identify the corrupt certificate.
Procedure
Download and install a root certificate
The following instructions are for installing the Thawte Primary Root CA certificate on Windows Server 2008® R2. Please adjust the instructions depending on the missing certificate and your server's operating system.
Select All Tasks, Import (to launch the Certificate Import Wizard).
In the Wizard, click Next.
Click Browse.
Select the .pem file you saved in step 4 in the 'Download a certificate' section above and click Open.
Click Next.
Click 'Place all certificates in the following store' and select the Trusted Root Certification Authorities store.
Click Next, Finish.
Click OK to the successful message.
Once you have resolved the certificates issue, please rerun the RM Unify AD Sync Configuration Tool.
Possible Issues
Windows Update
If you complete the above steps and RM Unify registration still fails, you may be missing a required Windows Update. The Windows Update mechanism can be used to check for any required or pending updates to the server's root certificates. Visit http://windowsupdate.microsoft.com for more information.
Note: Please consult with your network support provider before applying any updates to your server.
After completing any required Windows Updates, please restart the server and run the RM Unify AD Sync Configuration Tool.
Further assistance
If the issue persists, please log a call with RM Support for further investigation.
More Information
403 - Forbidden: Access is Denied
When accessing the URL: https://api.platform.rmunify.com you may see a "403 - Forbidden: Access is Denied" error page, either before or after the certificate warning page. This 403 error page is expected behaviour and does not constitute a further issue.
If this article has not helped provide a solution then it is also possible to
log a call...
Document Keywords: 3340337, .csv, Error: "Unable to connect to RM Unify" when registering RM Unify AD Sync, root cert, certs, certificate, reg key, registration, TEC3340337