I have installed Password Capture Agent in the DC's.I have executed a test and I have this error:
ERROR (PasswordCaptureAgentScript ) : Password was sent unencrypted, but encryption of passwords is enforced.
Did you follow the installation guide? https://support.oneidentity.com/de-de/technical-documents/identity-manager/8.1.4/password-capture-agent-administration-guide
It could be that you configured the configuration parameter QER\Person\UseCentralPassword\PasswordCaptureAgent\Certificate to 0, so the system would assume that unencrypted messages would be sent from the PCA. This is not the default case, which is of course using encryption on the PCA end.
I have reinstalled the PCA in the DC's and I have putt the certificate for encrypt password. Now, the error that it give in the Appserver is:
2021-05-14 10:20:30.5459 ERROR (PasswordCaptureAgentScript ) : Exception while trying to decrypt and verify the password. Exception Message:  Error 238
Yes, it is. Please check the documentation https://support.oneidentity.com/de-de/technical-documents/identity-manager/8.1.4/password-capture-agent-administration-guide
I have installed the certificate in the Server where i have deployed the Application Server and I have added the read permissions to the certificate for the web service.
I have the same error:
2021-05-18 17:04:42.4166 ERROR (PasswordCaptureAgentScript ) : Exception while trying to decrypt and verify the password. Exception Message:  Error 238.
I have modified the user of the Application Pools of IIS and I have putted "Network Service". In the log of App Server get:
2021-05-19 12:08:33.9592 INFO (PasswordCaptureAgentScript ) : Password changed without Error
Is it correct, Right?