cancel
Showing results for 
Search instead for 
Did you mean: 

Failed to invoke web service due to trust relationship with the SSL/TLS secure channel

Issue

When trying to access a web service via https the following error is received:

 

Failed to invoke web service. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

Resolution

-Navigate to Central Administration > Security > Manage Trust and visually confirm the certificate being used for HTTPS/SSL traffic is added.
-Re-import the certificate and re-test the Web Service.

 

It is also recommended to ensure that all the certificates required by Nintex Workflow are imported into the above page in CA. These are:

     a. Baltimore CyberTrust Root.crt
     b. GTECyberTrust Global Root.cer
     c. Microsoft Internet Authority.cer
     d. Microsoft Secure Server Authority.cer
     e. Thawte Primary Root CA.cer
     f.  Thawte SSLCA.cer
     g. Thawte SSL CA_SHA2.cer

 

Note: Copies of these certificates and be retrieved from the Nintex installer, if you manually export the Nintex resources, instead of running the installer automatically.

 

https://community.nintex.com/t5/Community-Blogs/Nintex-Certificate-Errors-when-installing-configurin...

Additional Information

This is caused by an invalid SSL certificate on the destination web service.

 

There are four possible causes for this:
-The certificate was generated by an untrusted source.
-The certificate has expired.
-The certificate name does not match the URL used to access the web service.
-HTTPS/SSL certificates have not been installed in the SharePoint environment.


When we call a web service from a workflow Nintex uses the existing SharePoint API's which require the proper certificates to be in place. The "Failed to invoke web service" error is effectively SharePoint's version of a certificate warning. In the ULS logs for the corresponding time we would expect to see:

"The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel"

 

Related Links

Version history
Revision #:
1 of 1
Last update:
‎02-09-2021 08:46 AM
Updated by:
 
Contributors