How to prevent SCCM updates from changing the signed certificate on my MS SQL server

Gary M. Garland 0 Reputation points
2024-01-19T17:05:52.3966667+00:00

I am installing a trial of SCCM. All the pieces reside on a single server, with the exception of WSUS and MS SQL server, which each reside on their own separate servers. When I applied the Configuration Manager 2309 update, it replaced the PKI signed certificate on my SQL server with a self-signed certificate. This immediately caused other applications on our network to fail their authentication to the SQL server. The certificate is one that I manually acquired using the enrollment wizard in the certificate manager snap-in on that SQL server. I want to find out why the update process replaced that certificate, and if there is a way I can prevent a future update from causing the same problem.

Microsoft Configuration Manager Updates
Microsoft Configuration Manager Updates
Microsoft Configuration Manager: An integrated solution for for managing large groups of personal computers and servers.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
925 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. XinGuo-MSFT 12,706 Reputation points
    2024-01-22T07:23:16.8633333+00:00

    Hi,

    I understand that you are facing issues with your SQL PKI signing certificate after updating your Configuration Manager. You mentioned that it has been replaced with a self-signed certificate.

    Please use the file a frown function in the console to send your feedback making sure to include how this is impacting you and your business.

    To prevent a future update from causing the same problem, I suggest you use a dedicated database server for SCCM.

    0 comments No comments