Hello,
We have been using Azure Update Management to monthly patch our on-prem servers for a few years. Log Analytics Agent with Hybrid Runbook Worker is installed on the on-prem machines and use a Log Analytics Gateway as proxy for connection.
Since a few weeks, servers are not seen anymore in Azure and appear as "Disconnected".
When checking the Operations Manager event log on on-prem servers, we can see regularly events 4001 with following statement:
"Connecting to the service opinsightsweuomssa.blob.core.windows.net failed. Please check that the computer has Internet access or that a HTTP proxy has been configured for the system. The query will be retried later. The article KB3126513 has additional troubleshooting information for connectivity issues. "
Also we can see events ID 1230 with statement
"New configuration cannot be loaded, the error is 0x80FF0036(0x80FF0036). Management group xxxx "
On the gateway side, we can see in log events 106 with following statement
"2023-07-08 05:16:26 [11] ERROR TcpConnection - Server certificate chain does not include a trusted root certificate. Cert count in chain: 3. Root cert: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US"
Followed by an event stating that suspicious connection was closed
On the gateway,e tried to manually install the 4 intermediate certificates for DigiCert Global Root G2 as described in https://learn.microsoft.com/en-us/azure/security/fundamentals/azure-ca-details?tabs=certificate-authority-chains#certificate-authority-details
But this did not solve the problem, we get events 4004 with following error:
HTTP operation failed with error "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider." (0x800B0109). The query will be retried later. The article KB3126513 has additional troubleshooting information for connectivity issues.
Can you please help? Thank you!