Home » Support » Appian Knowledge Base » KB-2275 SSL connection could not be established for Appian RPA auto login service due to an invalid certificate

KB-2275 SSL connection could not be established for Appian RPA auto login service due to an invalid certificate

Symptoms

Using the Appian RPA feature "allow Appian to sign-in", the service cannot connect with the console and the following error is present inside the appianAutoLogin.log:

|ERROR|LoginAgent.AutoLoginService|System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.)

 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.

 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot

Cause

The certificate necessary to complete the handshake with your site is not trusted by the Windows Certificate Store for one of the following reasons:

  1. The certificate is self-signed or signed by a private authority. This can happen by injecting the certificate via an external component such as an antivirus, firewall, proxy, etc.
  2. The certificate is signed by a Public Certificate Authority, but the server is not presenting the full certificate chain with all intermediate certs up to the CA root cert.

Action

  1. Uninstall the Appian RPA in that machine using the uninstaller in the agent folder.
  2. Download a new agent without the auto sign-in feature enabled and install it.
  3. Follow the instructions in KB-2272 to identify the missing certificates and please follow the documentation from Microsoft to add them.
    1. Note: Appian RPA auto sign-in feature is a .NET service.
    2. Note: The same certificates added into your JVM truststore should be the missing ones in your local certificate store.

Please open a case with Appian Support if you have any questions with any of these steps.

Workaround

If the missing certificates are injected by any specific application in the host machine, such as an antivirus or firewall, they can be configured in order to prevent this injection.

Affected Versions

This article applies to all versions of Appian Cloud.

Last Reviewed: November 2023

Related
Recommended

© 2024 Appian. All rights reserved.