Register-SPWorkflowService : The root of the

certificate chain is not a trusted root authority

With my recent experience with workflow server configuration I encounter an error when tried to register workflow service with SharePoint 2013 farm. I want to connect workflow server to SharePoint web server where communication takes place via https. Earlier, when I configured the workflow farm, it automatically generates a SSL certificate for secure communication, but when I tried to run Register-SPWorkflowService command from SharePoint web frontend server it gives an error. 

Register-SPWorkflowService -SPSite "https://SharePointSiteCollecitonURL" -WorkflowHostUri https://WorkflowServerFullName:12290/
Register-SPWorkflowService : The root of the certificate chain is not a trusted root authority.

At line:1 char:1

+ Register-SPWorkflowService -SPSite

"https://test/sites/W ...

+......+ CategoryInfo          : InvalidData: (Microsoft.Share...WorkflowService:

   RegisterSPWorkflowService) [Register-SPWorkflowService], ConfigurationExce

  ption

    + FullyQualifiedErrorId : Microsoft.SharePoint.WorkflowServices.PowerShell

   .RegisterSPWorkflowService 

The error message gave me a hint that the problem is related to the SSL certificate.  The workflow server generates an automated SSL certificate for workflow web application on workflow server. When I tried to connect to workflow website from SharePoint front end server, it did not recognise the certificate. 

I have to copy the SSL certificate from workflow server to SharePoint front end server under the “Trusted root certification authority”.

Below are the steps to Export certificate from workflow server and import on SharePoint web server.

Go to command prompt and type “mmc” and hit enter 

Go to file option from menu and select “Add/Remove snap-in”

Add “Certificates” to the right hand side and then click “OK”

Look for the workflow certificate which contains

Issue to: workflow server name

Issue authority: workflow server name

Export the certificate through wizard and then copy it to SharePoint web server 

Import the certificate into SharePoint webserver via mmc under “Trusted root certification authority” location

Then navigate to https workflow site from SharePoint web server.  You should be able to see the workflow site as appear below

Now run the below command to register workflow server where communication takes place via https

Register-SPWorkflowService -SPSite "https://SharePointSiteCollecitonURL" -WorkflowHostUri "https://WorkflowServerFullName:12290/"

It should run fine this time.

More Blogs

Contact us

To begin your digital transformation, get in touch.

We’re pleased to address any inquiries you might have and assist you in selecting the service that best suits your requirements.

Your benefits:
Speak To Us