Hi @Kadam, Sushanth ,
can you please check if both your management sevrers have the X..plat certificate of all other resource pool members on them?
Monitoring UNIX/Linux with OpsMgr 2016
To configure for high availability, each management server in the resource pool must have all the root certificates that are used to sign the certificates that are deployed to the agents on the UNIX and Linux computers. Otherwise, if a management server becomes unavailable, the other management servers would not be able to trust the certificates that were signed by the server that failed.
We provide a tool to handle the certificates, named scxcertconfig.exe. Essentially what you must do, is to log on to EACH management server that will be part of a Unix/Linux monitoring resource pool, and export their SCX (cross plat) certificate to a file share. Then import each others certificates so they are trusted.
After you have checked this, can you please cleanup as per the article you have posted:
Remove the existing contents of the agent directory on the server and reinstall the agent RPM.
After reinstalling the agent you can run:
openssl x509 -noout -in /etc/opt/microsoft/scx/ssl/scx.pem -subject -issuer -dates
Generate the certificate, making sure to use the correct host name:
/opt/Microsoft/scx/bin/tools/scssslconfig -f -h <hostname>
Afterwards you should be able to sign the certificate. Please let me know how this looks, Thanks!
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)