This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 91%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
I recently put in a question on how to force Web Availability to use TLS 1.2 as I thought that is what was causing me the issue. But I found after going through the steps to force SCOM and the OS to use TLS 1.2 it only changed my failure and didn't fix it.
When attempting to access a particular URL from a server that has been adjusted to TLS 1.2 I get this behavior.
After clicking OK to the prompt I get a 200 status code response
The packet capture shows that a cert is being passed
When attempting to do the same thing from a machine that hasn't been forced to TLS 1.2
Packet capture
Here is what it looks like in SCOM
Is there any way to deal with these client cert authenticated urls?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Stephen Morrison , For the Internet Explorer windows prompt, please turn the "IE Enhanced Security Configuration" as off on the server.
For the website that require a client certificate, the request may fail due to security error. For such situation, we can set "
Ignore server certificate errors". For more details, we can refer to the following link:
https://learn.microsoft.com/en-us/system-center/scom/web-application-properties?view=sc-om-2019
To monitor the websites require a client certificate, we can also consider the URLGenie Management Pack. Here is a link for the reference:
https://gallery.technet.microsoft.com/scriptcenter/URLGenie-Management-Pack-771bf58c
Hope it can help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Changing the IE Security Settings did stop the popup while using powershell but didn't have any effect on the SCOM web availability monitor.
I tried to recreate this as a web transaction but that also failed. We are still on 1807 and its my understanding that it ignores cert errors by default and the added option to choose was added in 2019.
URLGenie has the option to select a client cert and once I added that thumbprint into the xml consumed for running the tests it came back as successful. We looked at URLGenie some time ago but at that time didn't have a need for it. Web Availability and Web Transaction worked well enough to not introduce another solution.
@Stephen Morrison , Thanks for the update to let us know the latest status. I am glad that it is working well after we use URLGenie MP. Congratulations! If there's anything else we can help in the future, feel free to post in our Q&A. We are always glad to help.
Thanks for your time and have a nice day!