I recently received an issue where tasks configured within MOVEit Central were failing to connect to the MOVEit DMZ server with the following error message:
Could not access URL 'https://xxxxxx.com:443/machine.aspx': HttpSendRequestEx failed: Security certificate revocation failed.
This issue is due to MOVEit Central host not being able to connect to the CRL Distribution Point for the server certificate revocation. There are two methods to resolve this issue.
Method 1 – Enable outbound HTTP connection to CRL Distribution Point
As you may not connect to the URL of the CRL Distribution Point, the likelihood is that this being blocked by your firewall service. In this case you need to obtain the CRL Distribution Points from your server certificate and enable outbound connections on TCP service port 80 (HTTP) from the MOVEiit Central Server to the desintation addresses.
Method 2 – Disable Check for Server Certificate Revocation
Alternatively, you could disable the check for server certificate revocation for the MOVEit Central host, by configuring the following group policy object settings:
Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Advanced Page
Setting – Check for server certificate revocation
State – Disabled
Following the above being applied a restart is required.
One thought on “Server certificate revocation failed on MOVEit Central”
Thanks for this hint!
Also a valid SSL Certificate for enterprise users, fixes this error.
I got the error with the self-signed test certificate inside the corporate network.
Restart is necessary after certificate installation 😉