/
TLS / SSL Connection Issues

TLS / SSL Connection Issues

HTTPS connections from Umbrella Faces to a third party system must be secured using a valid and generally trusted SSL certificate.

Please note that, due to security guidelines, Umbrella cannot manually trust an otherwise untrusted certificate. Third parties will need to ensure their certificates are both valid and their web servers properly configured.

Indicators for a certificate problem

  • The “publishing” section on the profile may mention a “PKIX” issue, for example “PKIX path building failed”

  • The “publishing” section or a search-field may mention “unable to find a valid certification path”

Verifying the third party systems certificate

Umbrella will not provide any support for SSL issues as long as the independent SSL Server Test from Qualys shows any of the following issues.

SSL Test Result Section + Example Screenshot

What to lookout for

SSL Test Result Section + Example Screenshot

What to lookout for

Summary

CleanShot 2025-10-31 at 15.17.35-20251031-141753.png

 

If the SSL Server Test summary indicates the certificate is not trusted, we will not be able to connect

Certificate #1

CleanShot 2025-10-31 at 15.18.40-20251031-141850.png

 

If the certificate is either not valid (check “Valid from” and “Valid until”, if either is marked red) or not trusted, we will not be able to connect

Certification Paths - Java

CleanShot 2025-10-31 at 15.23.35-20251031-142344.png
CleanShot 2025-10-31 at 15.28.16-20251031-142829.png

 

At least one of the certification paths must be “Trusted” without an “Extra Download” step. If there are only trusted paths with an extra download required, we will not be able to connect

Handshake Simulation - Java

CleanShot 2025-10-31 at 15.30.27-20251031-143108.png

 

Java 11 upwards must be marked as successful (green) otherwise, we will not be able to connect