Issue
When trying to access a web service via https the following error is received:
Failed to invoke web service. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Resolution
-Navigate to Central Administration > Security > Manage Trust and visually confirm the certificate being used for HTTPS/SSL traffic is added.
-Re-import the certificate and re-test the Web Service.
It is also recommended to ensure that all the certificates required by Nintex Workflow are imported into the above page in CA. These are:
a. Baltimore CyberTrust Root.crt
b. GTECyberTrust Global Root.cer
c. Microsoft Internet Authority.cer
d. Microsoft Secure Server Authority.cer
e. Thawte Primary Root CA.cer
f. Thawte SSLCA.cer
g. Thawte SSL CA_SHA2.cer
Note: Copies of these certificates and be retrieved from the Nintex installer, if you manually export the Nintex resources, instead of running the installer automatically.
Additional Information
This is caused by an invalid SSL certificate on the destination web service.
There are four possible causes for this:
-The certificate was generated by an untrusted source.
-The certificate has expired.
-The certificate name does not match the URL used to access the web service.
-HTTPS/SSL certificates have not been installed in the SharePoint environment.
When we call a web service from a workflow Nintex uses the existing SharePoint API's which require the proper certificates to be in place. The "Failed to invoke web service" error is effectively SharePoint's version of a certificate warning. In the ULS logs for the corresponding time we would expect to see:
"The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel"