Common Errors in the JAMFSoftwareServer.log File

2021-07-31 12:47:10,023 [ERROR] [-Pki-Pool-1] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile".

Solution:

Check the Jamf AD CS Connector server certificate in IIS and the Jamf Pro PKI settings. If a load balancer/reverse proxy is in place, check the server certificate on the load balancer/reverse proxy.

2021-07-31 14:45:09,581 [ERROR] [-Pki-Pool-1] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

com.jamfsoftware.pki.adcs.exception.AdcsConnectorCertificateNotIssuedException: CR_DISP_DENIED: Request denied

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Check the template or variables.

2021-07-31 15:37:47,755 [ERROR] [-Pki-Pool-1] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

com.jamfsoftware.pki.adcs.exception.AdcsConnectorCertificateNotIssuedException: INTERNAL_ERROR: System.ArgumentException - CCertRequest::Submit: The parameter is incorrect. 0x80070057 (WIN32: 87 ERROR_INVALID_PARAMETER)

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Check CA name in the PKI Certificates settings in Jamf Pro.

2021-07-31 15:42:47,394 [ERROR] [-Pki-Pool-2] [ertificateInjectorService] - Failed to issue certificate for command c6fef8da-c73c-4068-a411-73739815ffad and payload E096CC55-C0D4-4202-91EF-6D84545D8CD0 improperly specified input name: 000000000000
java.lang.IllegalArgumentException: improperly specified input name: 000000000000

Caused by:

java.io.IOException: Incorrect AVA format

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Missing CN= in format

2021-07-31 15:51:21,554 [ERROR] [-Pki-Pool-1] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

com.jamfsoftware.pki.adcs.exception.AdcsConnectorCertificateNotIssuedException: INTERNAL_ERROR: System.Runtime.InteropServices.COMException - CCertRequest::Submit: The RPC server is unavailable. 0x800706ba (WIN32: 1722 RPC_S_SERVER_UNAVAILABLE)

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Check the CA's Fully Qualified Domain Name (FQDN) in the PKI Certificates settings in Jamf Pro or the firewall settings.

2021-07-31 16:21:09,559 [ERROR] [-Pki-Pool-2] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

java.net.UnknownHostException: [myadcs.mydomain.devBAD]: Name or service not known

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Check the FQDN of the Jamf AD CS Connector.

2021-08-01 13:25:38,357 [ERROR] [-Pki-Pool-1] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

org.apache.http.conn.ConnectTimeoutException: Connect to [myadcs.mydomain.com:443 [myadcs.mydomain.com/10.0.1.3] failed: connect timed out

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Check firewalls.

2021-08-01 14:00:54,234 [ERROR] [-Pki-Pool-7] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 Unauthorized: [<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">]

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Check the client certificate.

2021-08-01 14:00:54,234 [ERROR] [-Pki-Pool-7] [ertificatePayloadInjector] - Problem requesting certificate from ADCS
com.jamfsoftware.jss.core.service.certapi.CertificateRequestServiceException: Problem requesting certificate from ADCS

Caused by:

org.springframework.web.client.HttpClientErrorException: 403 Forbidden

GUI:

Remains pending or fails with: "Failed to inject certificates into the profile"

Solution:

Check the trusted root CA on the Jamf AD CS Connector or client certificate. For more information, see the following Microsoft documentation: https://docs.microsoft.com/troubleshoot/iis/http-403-forbidden-open-webpage