Server certificate revocation failed on MOVEit Central

I recently received an issue where tasks configured within MOVEit Central were failing to connect to the MOVEit DMZ server with the following error message:

Could not access URL '': HttpSendRequestEx failed: Security certificate revocation failed.

This issue is due to MOVEit Central host not being able to connect to the CRL Distribution Point for the server certificate revocation. There are two methods to resolve this issue.

Method 1 – Enable outbound HTTP connection to CRL Distribution Point

As you may not connect to the URL of the CRL Distribution Point, the likelihood is that this being blocked by your firewall service. In this case you need to obtain the CRL Distribution Points from your server certificate and enable outbound connections on TCP service port 80 (HTTP) from the MOVEiit Central Server to the desintation addresses.

Method 2 – Disable Check for Server Certificate Revocation

Alternatively, you could disable the check for server certificate revocation for the MOVEit Central host, by configuring the following group policy object settings:

Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Advanced Page

Setting – Check for server certificate revocation

State – Disabled

Following the above being applied a restart is required.

One thought on “Server certificate revocation failed on MOVEit Central

  1. Thanks for this hint!
    Also a valid SSL Certificate for enterprise users, fixes this error.
    I got the error with the self-signed test certificate inside the corporate network.

    Restart is necessary after certificate installation 😉


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s