Hi @TravM ,
Thanks for posting in Microsoft Q&A forum.
It seems that we have done a lot of research and perform some troubleshooting steps to find the root cause.
According to the provided log picture, the error may be caused by that the client failed to communicate with management point.
We can try to uncheck the box from Site Properties which disable CRL check and check the log again.
If the error is still reported, we may need more information to move on. Since there's nothing wrong in mpcontrol.log, so that could you upload the complete LocationServices.log and CcmMessaging.log (with sensitive information masked), may be we can find some cause in the log file.
Thanks for your time.
If the response is helpful, please click "Accept Answer"and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,
Thanks for your update.
We may check the health of the management first. Open the Internet explorer and enter the following commands:
· http://<ServerName.FQDN>/sms_mp/.sms_aut?mplist
· http://<ServerName.FQDN>/sms_mp/.sms_aut?mpcert
For more details, please refer to this article:
https://www.enhansoft.com/how-to-test-your-mp-to-confirm-if-it-is-healthy/
(Note: This is not from MS, just for your reference.)
What's more, I found an article that have similar error with the log you provide, may be we can try it to troubleshooting:
https://www.syswow64.co.uk/2016/03/sccm-client-certificate-pki-value-is.html
(Note: This is not from MS, just for your reference.)
HI,
Thanks for spending time on this.
Yes, I can access the mplist and mpcert after moving the SCCM Client Certificate to the personal user store in mmc.
I followed the instructions in the link that you shared. Devices don't have that reg key but I added It by running that script and restarted the SMS service few times, restarted the device. Still having the same issue.
I'm getting this error code 0x5, can't find anything about that on the internet.
@HanyunZhu-MSFT ,
Okay, I joined one of those machine with faulty sccm client to my test SCCM environment. Assigned PKI cert, Installed the client and had the same issue.
Then I switched Sccm site, MP and DP on the test sccm server from https to http, and the client Installed successfully with the all action items.
It seems like the issue is on client side. Something has changed after the windows feature update.
Any idea why https might have stopped working after Windows update?
Thanks
Sign in to comment