SCCM OSD failed on one remote site

Question

Hi,

We are using the latest SCCM 2303. We have one primary site and three remote site. Everything works well except SCCM OSD failed on one remote site. When I check the smspxe.log on the DP of remote site, I can see below error:

SMSPXE Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. .

An error occurred during encode or decode operation. (Error: 80092002; Source: Windows)

SMSPXE PXE::MP_GetList failed; 0x80092002

SMSPXE PXE::MP_ReportStatus failed; 0x80092002

SMSPXE PXE::CPolicyProvider::InitializePerformanceCounters failed; 0x80070002

SMSPXE Failed to create certificate store from encoded certificate. Verify the provided Certificate was provisioned correctly. .

Is there any way to solve this problem? Appreciate your help!

Answer 1

Hi,

Thank you for posting in Microsoft Q&A forum.

It seems to be a known issue. This issue occurs if the IssuingCertificateList registry key is missing from the following registry subkey on the DP.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Security

To fix the issue, copy the IssuingCertificateList registry key value from the management point. Then, copy this value to the same registry key on the DP. To do this, you can run the following command at an elevated command prompt on the DP:

REG.exe ADD "HKLM\SOFTWARE\Microsoft\SMS\Security" /v IssuingCertificateList /t REG_MULTI_SZ /d <Value_From_MP>

For more information, please refer to: PXE boot doesn't work because a self-signed certificate isn't created

Thanks for your time. Have a nice day!

Best regards,

Simon

---

If the response is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.