Issue description   

When attempting to integrate ADManager Plus with ServiceDesk Plus on-prem, users encounter the following errors:

• ADManager Plus integration failed.

• Unexpected end of file from server.
  

Possible causes   

These errors often indicate an issue with the SSL certificate trust stores either in ServiceDesk Plus  or ADManager Plus when running in HTTPS mode. The trust stores of each application must contain the appropriate SSL certificate components to ensure secure communication.

Prerequisites   

Before proceeding with the resolution steps, ensure the following:

• Administrative access to the server and web console of both ADManager Plus and ServiceDesk Plus.

• SSL certificate configured in ADManager Plus and ServiceDesk Plus (preferred format .pfx, .crt, .cer, .p12).

Resolution 

Case 1: ServiceDesk Plus running in HTTPS   

If ServiceDesk Plus is running in HTTPS, its SSL certificate must be imported into ADManager Plus' trust store (ADManager Plus\jre\lib\security\cacerts).

Step 1: Export the SSL certificate from ServiceDesk Plus 

1. If the certificate is in .pfx format:

• Right-click the .pfx certificate and select Install Certificate.

• Choose Trusted Root Certificate Authorities as the target store.

• Complete the installation.

2. Open the Certificate Management console (mmc.exe) from the Windows search.

3. Navigate to Trusted Root Certificate Authorities > Certificates.

4. Locate the certificate based on the Issued To column (e.g., *.domain.com).

5. Right-click the certificate > All Tasks > Export.

6. When prompted, enter the password for the .pfx certificate.

7. Select DER encoded binary X.509 (.CER) format and export it as sdp-ssl-cert-1.cer.

 Step 2: Import the SSL certificate into ADManager Plus   

1. Copy sdp-ssl-cert-1.cer to ADManager Plus\jre\bin.

2. Open the Command Prompt as Administrator and navigate to ADManager Plus\jre\bin.

3. Run the command keytool -import -trustcacerts -alias sdp_ssl_cert -file sdp-ssl-cert-1.cer -keystore ..\lib\security\cacerts.

4. When prompted for a password, enter changeit.

5. Confirm by typing yes when asked to trust the certificate.

Step 3: Restart ADManager Plus   

Restart the ADManager Plus service for the changes to take effect.

Case 2: ADManager Plus running in HTTPS   

If ADManager Plus is running in HTTPS, its SSL certificate must be imported into ServiceDesk Plus’ trust store (ServiceDesk Plus\jre\lib\security\cacerts).

Step 1: Export the SSL certificate from ADManager Plus   

Follow the same procedure as given in step 1 of case 1, but export the certificate as admp-ssl-cert-1.cer.

Step 2: Import the SSL certificate into ServiceDesk Plus   

1. Copy admp-ssl-cert-1.cer to ServiceDesk Plus\jre\bin.
   

2. Open the Command Prompt as Administrator and navigate to ServiceDesk Plus\jre\bin.

3. Run the command keytool -import -trustcacerts -alias admp_ssl_cert -file admp-ssl-cert-1.cer -keystore ..\lib\security\cacerts.

4. When prompted for a password, enter changeit.

5. Confirm by typing yes when asked to trust the certificate.
   

Step 3: Restart ServiceDesk Plus  

Restart the ServiceDesk Plus service for the changes to take effect.

Tips   

• Verify SSL certificates: Use the following command to list certificates in the keystore:

• keytool -list -keystore ..\lib\security\cacerts

• Password changeit.

• Check certificate expiry: Run the command openssl x509 -enddate -noout -in certificate.cer to check the expiration date of a certificate.

• Debug connection issues: If errors persist, enable SSL debugging by adding the following JVM argument:

• -Djavax.net.debug=all

• This helps diagnose handshake failures and certificate mismatch.

• Update Java keystore: If changeit does not work, ensure the correct Java version is used and check for multiple Java installations.

How to reach support