Users logon SF website with an error "invalid certificate"

Users logon SF website with an error "invalid certificate"

book

Article ID: CTX475156

calendar_today

Updated On:

Description

Some users logon SF website with certificate alerts:
image.png
image.png

CDFTrace analysis:
1445,0,2022/11/30 07:52:35:95338,6196,8164,1,WebHelper,,0,,1,Error,"[[Main]] Failed: System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

Resolution

1. Logon the user on a normal Win10 client with correct certificate chain.
2. Copy all certificates in the certificate chain from the normal Win10 Client.
3. Install certificate chain (including all intermediate certificates ) to the issued client local machine's Root Trust Certificate List:
MMC->File(Add/Remove snap-in...)->Certificates->Add->Computer account->Local computer->Finish->Ok
Certificates->Trusted Root Certificate Authorities->Right click" Certificates"->All Tasks->Import

Problem Cause

Intermediate certificate corrupted