You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > 330: Least Privilege Manager > Knowledge Base > 10: Netwrix Privilege Secure for Access Management Integration > 01: How to Resolve Could not establish trust relationship for the SSL or TLS Secure Channel error message
01: How to Resolve Could not establish trust relationship for the SSL or TLS Secure Channel error message
print icon

PROBLEM:

You receive the message below when trying to elevate an application via a Least Privilege Manager SbPAM policy.

 “There was an error while signing in. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS Secure Channel.”

OR

“The communication with the NPS server requires trusted communication. Enable certificate bypass in NPS Global Settings to override.”

CAUSE:

There are no SSL Certificates set up for use in the SbPAM / NPS server, and Signing is currently enabled on the endpoints.
 

RESOLUTION:

For CSE versions BEFORE 23.7.3583…

Enable the PolicyPak ADMX Template setting below to BYPASS SSL Certificate verification on the endpoints.

Admin Templates > PolicyPak ADMX Settings > Client-Side Extensions > Least Privilege Manager > Bypass SbPAM server SSL certificate verification: ENABLED


For CSE versions AFTER 23.7.3583…
The PolicyPak ADMX Template setting to BYPASS SSL Certificate verification on the endpoints has been REMOVED from the PolicyPak ADMX Troubleshooting files.
INSTEAD, you will need to use the latest MMC snap-in; either from your NPS download or via the PolicyPak download.

Then in the Least Privilege Manager node, in the Global Netwrix Privilege Secure Settings, select YES to Enable Certificate bypass like what’s seen here.

PolicyPak Cloud also has this setting available in the in-cloud editor.  You perform the same operation using these steps seen here.

In all cases the endpoint is instructed to Bypass SSL Certification Verification check.  You can see the results on any particular endpoint like this.

Feedback
1 out of 1 found this helpful

scroll to top icon