ADManager Plus and ServiceDesk Plus integration failure due to SSL error

ADManager Plus and ServiceDesk Plus integration failure due to SSL error

Issue description   

When attempting to integrate ADManager Plus with ServiceDesk Plus on-prem, users encounter the following errors:

  • ADManager Plus integration failed.

  • Unexpected end of file from server.

Possible causes   

These errors often indicate an issue with the SSL certificate trust stores either in ServiceDesk Plus  or ADManager Plus when running in HTTPS mode. The trust stores of each application must contain the appropriate SSL certificate components to ensure secure communication.

Prerequisites   

Before proceeding with the resolution steps, ensure the following:

  • Administrative access to the server and web console of both ADManager Plus and ServiceDesk Plus.

  • SSL certificate configured in ADManager Plus and ServiceDesk Plus (preferred format .pfx, .crt, .cer, .p12).

Resolution 

Case 1: ServiceDesk Plus running in HTTPS   

If ServiceDesk Plus is running in HTTPS, its SSL certificate must be imported into ADManager Plus' trust store (ADManager Plus\jre\lib\security\cacerts).

Step 1: Export the SSL certificate from ServiceDesk Plus 

  1. If the certificate is in .pfx format:

    • Right-click the .pfx certificate and select Install Certificate.

    • Choose Trusted Root Certificate Authorities as the target store.

    • Complete the installation.

  1. Open the Certificate Management console (mmc.exe) from the Windows search.

  2. Navigate to Trusted Root Certificate Authorities > Certificates.

  3. Locate the certificate based on the Issued To column (e.g., *.domain.com).

  4. Right-click the certificate > All Tasks > Export.

  5. When prompted, enter the password for the .pfx certificate.

  6. Select DER encoded binary X.509 (.CER) format and export it as sdp-ssl-cert-1.cer.

 Step 2: Import the SSL certificate into ADManager Plus   

  1. Copy sdp-ssl-cert-1.cer to ADManager Plus\jre\bin.

  2. Open the Command Prompt as Administrator and navigate to ADManager Plus\jre\bin.

  3. Run the command keytool -import -trustcacerts -alias sdp_ssl_cert -file sdp-ssl-cert-1.cer -keystore ..\lib\security\cacerts.

  4. When prompted for a password, enter changeit.

  5. Confirm by typing yes when asked to trust the certificate.

Step 3: Restart ADManager Plus   

Restart the ADManager Plus service for the changes to take effect.

Case 2: ADManager Plus running in HTTPS   

If ADManager Plus is running in HTTPS, its SSL certificate must be imported into ServiceDesk Plus’ trust store (ServiceDesk Plus\jre\lib\security\cacerts).

Step 1: Export the SSL certificate from ADManager Plus   

Follow the same procedure as given in step 1 of case 1, but export the certificate as admp-ssl-cert-1.cer.

Step 2: Import the SSL certificate into ServiceDesk Plus   

  1. Copy admp-ssl-cert-1.cer to ServiceDesk Plus\jre\bin.
  2. Open the Command Prompt as Administrator and navigate to ServiceDesk Plus\jre\bin.

  3. Run the command keytool -import -trustcacerts -alias admp_ssl_cert -file admp-ssl-cert-1.cer -keystore ..\lib\security\cacerts.

  4. When prompted for a password, enter changeit.

  5. Confirm by typing yes when asked to trust the certificate.

Step 3: Restart ServiceDesk Plus  

Restart the ServiceDesk Plus service for the changes to take effect.

Tips   

  • Verify SSL certificates: Use the following command to list certificates in the keystore:

    • keytool -list -keystore ..\lib\security\cacerts

    • Password changeit.

  • Check certificate expiry: Run the command openssl x509 -enddate -noout -in certificate.cer to check the expiration date of a certificate.

  • Debug connection issues: If errors persist, enable SSL debugging by adding the following JVM argument:

    • -Djavax.net.debug=all

    • This helps diagnose handshake failures and certificate mismatch.

  • Update Java keystore: If changeit does not work, ensure the correct Java version is used and check for multiple Java installations.

By following these steps and tips, the ADManager Plus and ServiceDesk Plus integration failure can be resolved efficiently, ensuring secure communication between the products.

How to reach support   

If the issue persists, contact our support team here

                  New to ADSelfService Plus?

                    • Related Articles

                    • How to integrate ADManager Plus with ServiceDesk Plus?

                      Objective: To integrate ADManager Plus with ServiceDesk Plus Solution: The ADManager Plus-ServiceDesk Plus integration allows administrators to perform Active Directory management operations directly from the ServiceDesk Plus console. Using the ...
                    • How to integrate ADManager Plus with ServiceDesk Plus

                      The ADManager Plus-SeviceDesk Plus integration allows administrators to perform Active Directory management operations directly from the ServiceDesk Plus console. Using the ServiceDesk Plus console, administrators or help desk technicians can perform ...
                    • Unable to start ADManager Plus

                      Issue description ADManager Plus may sometimes fail to start, either displaying an error message while initiating as a console or stopping unexpectedly during the startup process. This issue can disrupt administrative tasks and delay critical ...
                    • Error due to invalid credential while generating Microsoft 365 reports in ADManager Plus

                      Issue description Users of ADManager Plus may encounter this issue where they are unable to generate Microsoft 365 user login reports. This can hinder administrative tasks such as auditing, monitoring user activity, and meeting compliance ...
                    • ADManager Plus upgrade failure

                      Issue description Upgrade failure occurs when background processes from the ADManager Plus installation folder are still running. During an upgrade, if files within the installation directory are being accessed by other processes, the upgrade may ...