Outgoing communication (from Connect)

Check firewall configuration

Make sure that any existing firewalls allow access to the desired resource.

Check connection on operating system level

If a browser is installed on the Connect server and the request is an http GET request, try to access the resource with it. Otherwise use Invoke-WebRequest (Windows PowerShell) or curl (Linux / macOS) to execute the request. Check the corresponding error messages.

Check connection on Connect level

On the Connect server, create a connection to the desired target system and run a connection test (if available). If necessary, check the error messages that appear in the user interface and on the console.

Error messages and their cause

The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot

The root certificate authority that issued the certificate to the target server is not trusted.

Windows

Copy a .crt file with the certificate of the corresponding root certification authority into a directory and then run the command certutil -addstore -f "ROOT" my_trusted_root_ca.crt. (my_trusted_root_ca.crt is used as a proxy for the filename of the .crt file).

Debian and Ubuntu

Copy a .crt file containing the certificate of the corresponding root certification authority to the /usr/local/share/ca-certificates/ directory and then run the update-ca-certificates command.

Redhat and CentOS

Copy a .crt file containing the certificate of the corresponding root certification authority to the /etc/pki/ca-trust/source/anchors/ directory, and then run the update-ca-trust command.

Docker

The OS-level actions described above can be included in the Dockerfile. Corresponding examples can be found in the Dockerfiles shipped with the Connect Server.