The MAG fails to communicate with AWCM, or ACC fails to test successfully due to an underlying TLS/SSL trust issue. The following errors could occur:
System > Enterprise Integration > Certificate Authorities:
“Test connection is unsuccessful System > Enterprise Integration > Cloud C > Unknown error: please check the log file”
System > Enterprise Integration > Directory Services:
“Unknown error: please check the log file.”
System > Enterprise Integration > Tunnel > MAG:
“Test connection fails on AWCM.”
Upon encountering one of the above errors, please perform the following steps:
Remote desktop onto the AWCM server
Check the certificate used by AWCM by hitting the following url:
Located here is the customer’s certificate. Ensure that it is local to the server and that you have the Private key.
We have seen some issues with Entrust certs presenting a four chain certificate; if you see a different chain on different tests, go for the three chained certificate.
Change the AirWatch installer and remove AWCM.
In control panel, Add/Remove the current version of Java. This can be located under C:\Program Files. Rename the current Java folder to Java.old (may be worth taking a copy of the cacerts file (C:\Program Files\Java\jre1.8.0_66\lib\security))
Run the AirWatch Installer and re-enable AWCM. Java will be pulled down by the installer.
Note: In some cases, a notification will say “AWCM Truststore can not be built.” If this error occurs when progressing through the installer, it is likely the registry key for Java is pointing to a newer version which does not exist anymore and the connection cannot be made by AirWatch.
Carefully export the key and then remove the 1.8 key. Install the correct version of Java and allow it to write the correct path in the registry.
Install AWCM again and ensure that the Secure Channel is in the AWCM Truststore.
Test all components.