# General troubleshooting

> The `net::ERR_CERT_AUTHORITY_INVALID` error occurs when your certificate expires or is involved in a certificate rotation process, indicating that it is now invalid.

## The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot

The `net::ERR_CERT_AUTHORITY_INVALID` error occurs when your certificate expires or is involved in a certificate rotation process, indicating that it is now invalid.

It is most likely that the error occurs for the following reasons:

* You cannot access Automation Suite.
* Your robot is disconnected.

Figure 1. Your connection is not private warning

!['Your connection is not private'image](https://dev-assets.cms.uipath.com/assets/images/orchestrator/orchestrator-your-connection-is-not-private-image-459857-56510639.webp)

Figure 2. UiPath Error message

![UiPath error message image](https://dev-assets.cms.uipath.com/assets/images/orchestrator/orchestrator-uipath-error-message-image-460982-20cbf1a8.webp)

To fix this error, take the steps, described in the following example:

1. Select the **Not secure** warning prompt. Then select **Certificate is not valid** from the dropdown menu.

   Figure 3. Certificate is not valid warning

   ![Certificate is not valid image](https://dev-assets.cms.uipath.com/assets/images/orchestrator/orchestrator-certificate-is-not-valid-image-459666-4cf7df94.webp)

2. In the **Certificate Viewer**, select the **Details** tab. Then select **Export** and save the certificate.

   Figure 4. Details tab

   ![Details tab image](https://dev-assets.cms.uipath.com/assets/images/orchestrator/orchestrator-details-tab-image-459695-4dfb974b.webp)

3. On your local machine, open **certlm.msc** and right-select the **Personal** folder, then select **All Tasks**, then select **Import**. Select the previously generated certificate and import it.

   Figure 5. Importing certificate

   ![Import certificate image](https://dev-assets.cms.uipath.com/assets/images/orchestrator/orchestrator-import-certificate-image-459702-3810b88f.webp)

4. In the same **certlm.msc** window from the previous step, select the **Trusted Root Certification Authorities** folder, then select **All tasks**, then select **Import**. Select the previously generated certificate and import it again.

   Figure 6. Importing certificate

   ![Import certificate image](https://dev-assets.cms.uipath.com/assets/images/orchestrator/orchestrator-import-certificate-image-459712-267ec665.webp)
   
5. Connect the robot again to check that the error is fixed.

   Select the **View site information** icon. Select **Connection is secure** from the dropdown menu.

## Browser group policies

Signing in to your Orchestrator service from the Assistant redirects you to the SSO page. In some browsers, you may be prompted to open UiPath Assistant. This happens due to the Assistant's protocol handler not being added to the browser's group policies.

To prevent this behavior, make sure to follow the next steps, depending on the browser (Chrome/Microsoft Edge):

1. Open **Registry Editor**.
2. Navigate to `Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome`/ or `Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge`, depending on the browser you use.
3. Add a new key and name it `AutoLaunchProtocolsFromOrigins`.
4. Select **(Default)** to edit the key.
5. In the **Edit String** dialog, in the **Value data** field, add `[{"allowed_origins": ["https://myOrchestrator.uipath.com/"],"protocol": "com.uipath.robot.oidc"}]` and select **OK**.
   :::important
   The `AutoLaunchProtocolsFromOrigins` policy requires Chrome 85 or later.
   :::
6. Close all browser tabs and relaunch the browser.
7. Verify that your browser applied the new policy by navigating to `chrome://policy` or `edge://policy`. The recently added policy should be listed under the **Chrome Policies** or **Microsoft Edge** section with the **OK** status.

## NLog not forwarding logs to Splunk following upgrade

:::note
We fixed this issue in [Orchestrator 2024.10.6](https://docs.uipath.com/orchestrator/automation-suite/2024.10/release-notes/2024-10-6#bug-fixes).
:::

Following an upgrade from 2023.10 or an earlier version to 2024.10, NLog no longer forwards logs to Splunk. To address the issue, take the following steps:

1. In ArgoCD, go to **Applications** and select **orchestrator**.
2. Select the **Details** tab.
3. In the **SYNC POLICY** section, select **DISABLE AUTO-SYNC**, then select **OK** to confirm your choice.
4. Add the following section under `init.container`:
   ```
   - name: download-plugins
     image: registry.uipath.com/uipath/sf-k8-utils-rhel:2025.04.02
     securityContext:
       allowPrivilegeEscalation: false
       capabilities:
         drop:
           - ALL
       privileged: false
       readOnlyRootFilesystem: true
       runAsNonRoot: true
       fsGroup: 1000
       runAsGroup: 1000
       runAsUser: 1001
     resources:
       limits:
         cpu: 500m
         memory: 1Gi
       requests:
         cpu: 100m
         memory: 200Mi
     volumeMounts:
       - name: tmp
         mountPath: /tmp
       - name: init-container-scripts
         mountPath: /scripts
       - name: plugins-volume
         mountPath: /plugins
       - name: plugins-external-storage-secret
         mountPath: /secret
     command:
       - /bin/sh
     args:
       - /scripts/copy-plugins-to-local-dir.sh
   ```