> For the complete documentation index, see [llms.txt](https://docs.devolutions.net/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.devolutions.net/gateway/knowledge-base/troubleshooting-articles/invalid-tls-certificate-issues-for-session-recording-via-devolutions-gateway.md). # Invalid TLS certificate issues for session recording via Devolutions Gateway If you encounter issues with session recording via Devolutions Gateway, it may be due to an invalid TLS certificate. There are several reasons why a TLS certificate could be considered invalid. Here are the most common causes: * **Misconfigured certificate**: Incorrect setup or installation of the TLS certificate. * **Domain mismatch**: The certificate is issued for a different domain (e.g., certificate issued for *example.loc* but the host destination address is *not-example.loc*). * **Break in the chain of trust**: The certificate issuer's identity cannot be verified. * **Incorrect date/time on client machine**: If the local date/time on the client machine is incorrect, the certificate may be considered expired if it falls past the certificate's expiration date. * **Broken certificate structure**: The certificate has an invalid digital signature or other structural issues. * **Outdated hashing algorithm**: The certificate uses only the SHA-1 hash algorithm, which is outdated and no longer considered secure. * **Revoked certificate**: The certificate has been revoked by the issuing authority. * **Self-signed certificate and Sophos**: When using a self-signed certificate, if the client is using Sophos, the certificate may be replaced by an untrusted one, bypassing the option to allow self-signed certificates by Remote Desktop Manager. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.devolutions.net/gateway/knowledge-base/troubleshooting-articles/invalid-tls-certificate-issues-for-session-recording-via-devolutions-gateway.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.