We have Clients that would stop talking to the CMG suddenly after being OK for some time. I one case, I noticed the client stop working and started working again after a month.
The issue seems random as majority of the machines are either OK, or may have experienced this but no longer.
Reinstalling the client will not fix the problem (we use bulk registration token) since installing the client on prem is not an option for us right now.
We are in an Enhanced HTTP environment and chose to use external certs.
The log message I see that pops out is that it fails to get a ccm access token or doesn't have a PKI issued cert to use SSL. This could be a root cause, but I really don't know where to begin with that as My googling only show solutions applicable to people using internal PKI certs.
ccmmessaging.log shows this:
[CCMHTTP] AsyncCallback(): ----------------------------------------------------------------- CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
[CCMHTTP] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
[CCMHTTP] : dwStatusInformationLength is 4
CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
[CCMHTTP] : *lpvStatusInformation is 0x80000000
CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
[CCMHTTP] : WINHTTP_CALLBACK_STATUS_FLAG_SECURITY_CHANNEL_ERROR is set
CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
[CCMHTTP] AsyncCallback(): ----------------------------------------------------------------- CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
and
Successfully queued event on HTTP/HTTPS failure for server 'COMPANY.COM'. CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
RetrieveTokenFromStsServerImpl failed with error 0x80072f8f CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)
Failed to get CCM access token and client doesn't have PKI issued cert to use SSL. Error 0x80072f8f CcmMessaging 6/22/2023 4:33:34 PM 13660 (0x355C)