Unable to access ITPAM workflow in ServiceDesk Manager with SSL enabled.

After renewing the certificate in ITPAM, the following error appears in jstd.log when invoking PAM in SDM:

05:37:36.174[Thread-3] ERROR ItpamWorkflow 575 Error getting definitions: 
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

Resolution

  1. Download the certificate from the IT PAM URL using the browser. Save the file as a chain certificate with the extension CRT. Example filename: pam.crt.
  2. Copy the certificate file to the SDM NX_ROOT\bin directory
  3. Take backup of NX_ROOT\NX.env file and NX_ROOT\pdmconf\nx_keystore file. 
  4. Edit the NX_ROOT\NX.env file to remove the NX_KEYSTORE_REF value by deleting the value after the “=” sign.
  5. Also delete the file NX_ROOT\pdmconf\nx_keystore
  6. From the command prompt go to location NX_ROOT\bin and run the command as: pdm_perl pdm_keystore_mgr.pl -import pam.crt
  7. Once step 6 is completed, check that NX.env has been updated with a value for NX_KEYSTORE_REF and that NX_ROOT\pdmconf\nx_keystore has been created.
  8. The Tomcat web server also needs a reference to the correct certificate, so NX_ROOT\bopcfg\www\CATALINA_BASE\conf\server.xml must be updated with the updated keystore file.
    1. Execute the command to generate the keystore file: keytool -import -keystore casm.keystore -file pam.crt
    2. Update server.xml with the correct path to the keystore file. 
  9. Updating Tomcat's server.xml requires a Tomcat restart.
  10. The rpc_srvr process is a Java process and uses the cacerts from the SharedComponents JRE. Example folder location: C:\Program Files (x86)\CA\SC\JRE\11.0.3\lib\security\cacerts.
  11. Make sure to update cacerts with the new certificate. Execute the command below to update cacerts (the keystore path contains spaces and must be quoted): keytool -importcert -alias itpam -file pam.crt -keystore "C:\Program Files (x86)\CA\SC\JRE\11.0.3\lib\security\cacerts"
  12. Restart rpc_srvr process by executing the command as: pdm_bounce rpc.
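
A post-change check for steps 7, 8 and 11, added here as an example and not part of the original article or of CA's tooling. It assumes NX_ROOT is set in the shell, that it is run from the directory holding pam.crt, that the JRE path is the example path from step 10, and that the cacerts password is the JRE default; adjust the parameters to the environment.

```powershell
# Added verification example; every default below is an assumption to adjust.
param(
    [string]$NxRoot    = $env:NX_ROOT,   # assumes NX_ROOT is set in this shell
    [string]$CertFile  = 'pam.crt',      # certificate saved in step 1
    [string]$JreHome   = 'C:\Program Files (x86)\CA\SC\JRE\11.0.3',  # example path from step 10
    [string]$Alias     = 'itpam',        # alias used in step 11
    [string]$StorePass = 'changeit'      # JRE default cacerts password; replace if it was changed
)

$keytool = Join-Path $JreHome 'bin\keytool.exe'
$cacerts = Join-Path $JreHome 'lib\security\cacerts'
$ok = $true

function Get-Sha256Fingerprint($KeytoolOutput) {
    # keytool prints a line of the form "SHA256: AA:BB:..."; return the first one found.
    $text = ($KeytoolOutput | Out-String)
    if ($text -match 'SHA256:\s*([0-9A-Fa-f:]+)') { $Matches[1].ToUpper() }
}

# Step 7: NX.env carries a non-empty NX_KEYSTORE_REF and nx_keystore was recreated.
$ref = Select-String -Path (Join-Path $NxRoot 'NX.env') -Pattern '^\s*@?NX_KEYSTORE_REF\s*=\s*\S'
if (-not $ref) { Write-Warning 'NX_KEYSTORE_REF is missing or empty in NX.env'; $ok = $false }
if (-not (Test-Path (Join-Path $NxRoot 'pdmconf\nx_keystore'))) {
    Write-Warning 'pdmconf\nx_keystore was not found'; $ok = $false
}

# Step 8: print the keystore reference(s) in server.xml so the path can be confirmed.
$serverXml = Join-Path $NxRoot 'bopcfg\www\CATALINA_BASE\conf\server.xml'
Select-String -Path $serverXml -Pattern 'keystoreFile\s*=\s*"[^"]*"' |
    ForEach-Object { "server.xml: $($_.Matches[0].Value)" }

# Step 11: the entry stored in cacerts must be the same certificate as pam.crt.
# If pam.crt holds a chain, only its first certificate is compared.
$fileFp  = Get-Sha256Fingerprint (& $keytool -printcert -file $CertFile)
$storeFp = Get-Sha256Fingerprint (& $keytool -list -v -alias $Alias -keystore $cacerts -storepass $StorePass)
if (-not $fileFp -or $fileFp -ne $storeFp) {
    Write-Warning "Alias '$Alias' in cacerts does not match $CertFile (file: $fileFp, store: $storeFp)"
    $ok = $false
}

if ($ok) { 'Keystore checks passed' } else { exit 1 }
```

A fingerprint mismatch usually means cacerts still holds the pre-renewal certificate under the same alias, which rpc_srvr will keep using until the entry is replaced and the process is restarted.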

If the environment is Advanced Availability (AA), make sure NX.env has the correct keystore value. If version control is enabled, the NX.env values may get overwritten.