SSL Debug tests on the MID Server host machineSummary<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: block; max-width: ; width: auto; height: auto; } } Sometimes, it is needed to have the Certificate dumps to investigate further on MID Server related issues, and also might needed to have the certificate related issue troubleshooting for Discovery, further in process of troubleshooting, it is required to execute some commands of SSL and share with ServiceNow support to continue investigate The below steps are required to be executed on a Windows Host Machine where the MID Server installed Check OSCP url in the certificate :run certutil -dump <certifciate_file>.ctr look for Authority Information Access (AIA) and OSCP URL Test OSCP Response AccessiblityInvoke-WebRequest -Uri "<OCSP_URL>"Test OSCP Response AccessiblityInvoke-WebRequest -Uri "<OCSP_URL>"Verify Windows Trust Store Check if the Certificate is Installed in WindowsOpen Run (Win + R) → Type certmgr.msc → Press Enter. Go to Trusted Root Certification Authorities.Find the CA certificate and ensure it’s valid. Related Links<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: block; max-width: ; width: auto; height: auto; } } How to enable SSL debug on the mid server to troubleshoot any issues with SSL connections?Troubleshooting MID server SSL issues Quick Reference: Set SSL debug and review wrapper.log Stop the MID serverOpen file \agent\conf\wrapper-override.confAdd either parameter:-Djavax.net.debug=ssl,handshake-Djavax.net.debug=all (fine-grained and highly verbose)For example:wrapper.java.additional.3=-Djavax.net.debug=ssl,handshakeOpen file \agent\config.xml and add parameter<parameter name="mid.log.level" value="debug"/>Start the MID serverReproduce the issueReview fileagent\log\wrapper log.