Skip to main content
Redstor.com

1263 - OData error: “Could not establish trust relationship”

Jolette Roodt
  • Updated
    Tags:
  • ESE
  • Storage Platform

Symptom

A customer looking to query Storage Platform data from the OData feed in Excel sees the following error:

OData: Request failed: The underlying connection was closed: 
Could not establish trust relationship for the SSL/TLS secure channel.

Cause

We serve two certificates on the Storage Platform. One is signed by a trusted certificate authority; the other is signed by Redstor's own root certificateBecause the Redstor certificate’s root certificate is not trusted by your machine, you have to manually add it to your Trusted Root Certification Authority store for OData queries from Excel to work. Redstor's ESE Agent trusts only the Redstor root certificate, while your browser trusts only certificates signed by certification authorities that are in your trusted store. In addition, the root certificate’s common name must match the Storage Platform's server address (domain name). If one of the certificates is not a trusted authority, or the common name and server address do not match, the above error will be shown when you try to access data from the Storage Platform.

In the case, Excel was used to make an OData query to the Storage Platform. The Platform saw Excel's TLS handshake as that of an ESE Agent and served the root certificate. However, because the root certificate’s common name and the server address did not match, the error was shown.

Solution

Add the Redstor root certificate to your trusted store. To do this:

  1. In the Storage Platform Console, navigate to the Report view.
  2. Right-click on Enterprise in the tree view and select Configure.

    mceclip3.png

  3. Click Install Root Certificates.

    mceclip2.png

  4. A security warning for the certificate will be shown, as seen in the example below.

    mceclip0.png

  5. Click Yes to install the certificate.
  6. Another warning will appear for the second certificate. Click Yes to install this one as well.
  7. Once both are installed, the following confirmation will be shown:

    mceclip1.png

 

Related articles

Comments

3 comments

Date Votes
  • Bruce Laing

    This guide has the wrong SSL cert linked in Step 1. 

    0
  • Jacques van Rensburg

    Hi Bruce

    Did some investigation and there are cases where this will happen connecting to the link mentioned above.
    Depending on DNS, certain browsers or app, the connection by the AS is seen as comms from the backup client and then services the cert seen above.

    I'm going to replace the steps above using the SP Console instead to trust/install certs (Via report, enterprise - configure - Install Root cert). It might however still not work 100% for you. In that case I suggest logging a support ticket to assist with getting an additional cert added to the Redstor SP for eg riscitsolutions.com.

    Regards
    Jacques

    0
  • Bruce Laing

    Hi Jacques,

    Thanks for the update, don't know if you meant to post it to your FAQ. And yes the step above still won't work for us or our customers as you need to be an SP Platform Admin to allow you to get access to the "Configure" option for Enterprise reports.

     

    0

Please sign in to leave a comment.