Unable to integrate ServiceDesk Plus with Analytics Plus after applying SSL

Unable to integrate ServiceDesk Plus with Analytics Plus after applying SSL

Note: This problem occurs only with self signed certificates in Analytics Plus.

Issue:
[10:23:16:526]|[09-05-2016]|[SYSERR]|[INFO]|[68]|: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target|


Error:
SDP: FAILURE :Error in establishing communication with ManageEngine Analytics Plus server. Please verify your host, port details
OPM : Initial Sync Failed

SDP Troubleshooting:
When the integration is done, Servicedesk Plus will communicate with Analytics Plus and if does not have valid certificate, error occurs. You can confirm it by trying to upload sample csv data using <ServiceDesk home>\zreports\uploadtool\bin\CSVUploadGUI.bat, and if it prompts same error then its an issue with certificate.

Before proceeding with the steps below ensure the IAM_SERVER_URL entry matches the Analytics Plus server hostname in <ServiceDesk Plus Home>\zreports\uploadtool\conf\common_params.conf.  [Usually it will be pointing to cloud]

Troubleshooting:
1.      Download the attachment (certdgeneration.zip) and extract it under <Servicedesk Plus Home>

2.     Edit gencert.bat by replacing "D:\ZOHO\jre7\bin\java" with "<Servicedesk Plus Home>\jre\bin\java"

3.     Open cmd as Administrator and execute as below,
            gencert.bat <Analytics Plus server hostname or IP>:<Port> 

4.      You will be prompted with below message if the certificate is already trusted.
            Enter certificate to add to trusted keystore or 'q' to quit: [1]

5.      Enter 1 and hit Enter.

6.      After successful execution, you will be prompted as below with servername,
            For Eg: Added certificate to keystore 'jssecacerts' using alias 'Dinesh-1556-1'

7.     File 'jssecacerts' will be created under <ServiceDesk home>

8.    Take a backup of the existing jssecacerts fie  found under <ServiceDesk home>\ jre\lib\security\and replace with the new file.

9.   Restart Servicedesk Plus service.

For Linux:

1. Download the attached 'lincertgeneration' zip file and extract in ../ManageEngine/Servicedesk directory.

    After extraction you should find the below files.,

    gencert.sh under  ../ManageEngine/Servicedesk

    Cert.jar should be under  ../ManageEngine/Servicedesk/lib directory.


2. Connect to the console and goto  ../ManageEngine/Servicedesk and execute the command line with the below syntax.

 ../ManageEngine/Servicedesk]#sh gencert.sh AnalyticsPlusServer:portnumber

Example:../ManageEngine/Servicedesk]#sh gencert.sh AnalyticsPlus:8443


3. When you run the command You would receive an exception PKIX, and then it would ask to enter a value, enter '1', it will generate a file named 'jssecacerts' under ../ManageEngine/Servicedesk.


4. Move the 'jssecacerts' to the location  ../ManageEngine/Servicedesk/jre/lib/security folder and then restart the ServiceDesk Plus.


OPM Troubleshooting

A Valid Certificate has to be applied in Analytics Plus

      New to ADSelfService Plus?

        Resources