When accessing Orchestrator, the site is displaying a "Site Not Secure" error
Depending on the browser one is using, when connecting to Orchestrator one will get the following error:
Internet Explorer: DLG_FLAGS_SEC_CERT_CN_INVALID
Chrome: NET::ERR_CERT_COMMON_NAME_INVALID
Firefox: SSL_ERROR_BAD_CERT_DOMAIN
This error occurs when the hostname specified by the certificate for the website does not match the hostname in the URL that resolved to that site. In other words, the site is being accessed with a URL that is different from what the site thinks its name is.For example, let’s say an admin logs onto an Orchestrator server (we will call it secure.orchestrator) and then accesses the Orchestrator site from the server machine using the URL https://localhost. They will be able to access the site but will probably get a “Site is not secure” error because the Orchestrator server’s hostname is not “localhost”.
If they used the URL https://secure.orchestrator (which is the hostname in this example) the connection would not throw an error. (assuming everything else is setup correctly).
Troubleshooting Steps:
- Open a browser and go to the Orchestrator URL.
- Once the web browser is on the problematic page open the certificate. Most browser will have some sort of warning icon near that URL that you can be used to view the certificate. In IE right click anywhere on the page, select properties and then select “Certificates”.
- Go to the “Details” tab.
- The “Subject Alternative Name”
-
If the hostname that is used in the URL is not contained in the “Subject Alternative Name” (SAN), then it will generate a security warning. For example, if connecting to uipath.com, the SAN would need to contain one of the following:
<ol style="list-style-type: lower-alpha;"><li><span style="font-size: 11pt;" uipath_custom_id="58"><span style="line-height: 107%;" uipath_custom_id="59"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="60">DNS Name=uipath.com</span></span></span></li><li><span style="font-size: 11pt;" uipath_custom_id="61"><span style="line-height: 107%;" uipath_custom_id="62"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="63">Or DNS Name=*.uipath.com</span></span></span></li></ol> </li><li><span style="font-size: 11pt;" uipath_custom_id="64"><span style="line-height: 107%;" uipath_custom_id="65"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="66">If the hostname is not contained in the SAN, then it means the wrong URL is being used to access the site, or the Certificate needs to be regenerated with the correct values.</span></span></span></li><li><span style="font-size: 11pt;" uipath_custom_id="67"><span style="line-height: 107%;" uipath_custom_id="68"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="69">A system admin should know how to correct an invalid Certificate.</span></span></span></li><li><span style="font-size: 11pt;" uipath_custom_id="70"><span style="line-height: 107%;" uipath_custom_id="71"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="72">If the SAN is correct, then a different URL needs to be used to access Orchestrator. To do this, try the following steps:</span></span></span> <ol style="list-style-type: lower-alpha;"><li><span style="font-size: 11pt;" uipath_custom_id="73"><span style="line-height: 107%;" uipath_custom_id="74"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="75">DNS needs to be updated by an admin so the correct hostname can be resolved to the Orchestrator server IP.</span></span></span></li><li style="margin-bottom: 11px;"><span style="font-size: 11pt;" uipath_custom_id="76"><span style="line-height: 107%;" uipath_custom_id="77"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="78">The correct hostname needs to be added to the site’s bindings. Click </span></span></span><a href="https://docs.microsoft.com/en-us/iis/configuration/system.applicationhost/sites/site/bindings/binding" target="_blank"><span style="font-size: 11pt;" uipath_custom_id="79"><span style="line-height: 107%;" uipath_custom_id="80"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="81">here </span></span></span></a> <span style="font-size: 11pt;" uipath_custom_id="82"><span style="line-height: 107%;" uipath_custom_id="83"><span style="font-family: Calibri,sans-serif;" uipath_custom_id="84">for information on how to add a binding to IIS.</span></span></span></li></ol> </li></ol>