Certificate is not valid - Issuer: MS-Organization-Access

David Werner 66 Reputation points


On several Servers, I have certificates where the certificates are listed as:

Issued to: 0882ac7e-3ff6-4231-a45b-5a654aa4303f

Issued by: MS-Organization-Access

SCOM reports these as "Certificate is invalid".

Chain Details:
--- Certificate Status ---
PartialChain: A certificate chain could not be built to a trusted root authority.

Are these certificates actually invalid and can be removed?

Also, can someone explain where or how they certificates are generated and by whom.

Thank you,


Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,268 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,742 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vadims Podāns 9,111 Reputation points MVP

    This certificate comes from ADFS and is automatically generated. You can safely skip this error. You can delete it, but next time you sign-in with ADFS, it will be generated again. In other words, it is expected behavior and by design.

5 additional answers

Sort by: Most helpful
  1. David Werner 66 Reputation points

    Hi Crypt32,

    Could you explain how this certificateis generated.

    The server is a Windows 2016 server and has SQL on it plus a few small applications.

    How could I find out who/when/how this certificate is generated.


  2. KKlouzal 26 Reputation points

    This certificate started showing up on client endpoints after integrating AD FS Device Registration. We are trying to use it in conjunction with AD FS Certificate Authentication however since the clients don't trust these certificates they fail during authentication.. What needs to be done for clients to trust these certs?

    0 comments No comments

  3. Soutar, Steven 1 Reputation point

    I have started seeing this exact same type of untrusted certificate, from a 3rd party cloud service which was presenting a valid certificate yesterday.

    What is being done to mitigate this "working as designed" feature & prevent us all from having to teaching end users to ignore security warnings on internet services?


  4. Jérôme DEGUINE 0 Reputation points

    Hello, I had this issue for one of our web application.

    The certificate pop up would show and make an error if we clicked on yes instead of cancel when we try to go to our web app.

    I solved this in the IIS management console > SSL Settings, and choose "Ignore" option.

    User's image

    0 comments No comments