When connecting through Secure-IT to Web-IT server and attempting to launch a published application, you may receive the error: "Cannot load PIT file".
Web-IT and Secure-IT are configured properly.
This problem may be caused by a certificate. More specifically by an intermediate certificate that was issued by a private CA. Even if a client machine can be forced to trust that intermediate certificate, validation will fail because the private CA itself is not trusted by remote clients.
Apply a public certificate, generated by a known Certification Authority (Verisign, Thawte, GoDaddy, etc).
For POC deployments it's possible to use self-signed certificates and certificate generation should be performed on the Secure-IT machine, using the Self-SSL command line utility. This utility is available for download from the Microsoft website as a part of IIS6 Resource Kit.
Quest does not provide support for problems that arise from improper usage of Self-SSL.
For more information on Self-SSL, refer to Microsoft.
When user connects to Web-IT server through Secure-IT, he may choose to disregard certificate warning and that will lead to error launching applications. However, user may choose to import intermediate certificate onto the client machine and such warning may or may not appear.