Share via

Renewing cert for a MP server

Ramesh RK 131 Reputation points
2022-08-02T17:15:36.343+00:00

Hi All

I have a primary standalone site with 3 MP servers.
The Primary Site server is one of the MP server.

The SiteServer's URL for MP list https://<Site_Server>/SMS_MP/.SMS_AUT?MPLIST is currently working fine, but the PKI cert associated to it is getting expired later this month.

Thinking of renewal if explored the current setting and found:

  • Could not find that cert in the Cert Store of the SiteServer
  • Dont see IIS binding in place for HTTPs in SiteServer

Trying to understand few things:

  • How is HTTPS://SiteServer working without it being having binding in SCCM?
  • Now once the new cert is in, what all the settings/change i would need to do

Kindly advice and assist on this

Cert status while accesssing MP List from Primary SiteServer URL
227392-image.png

IIS binding status in SiteServer
227382-image.png

Microsoft Configuration Manager
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. AllenLiu-MSFT 41,461 Reputation points Microsoft Vendor
    2022-08-03T07:47:08.137+00:00

    Hi, @Ramesh RK

    Thank you for posting in Microsoft Q&A forum.

    So you have not requested the web server certificates in site server and bind the cert?
    Have you configured PKI on clients?
    Have we checked the mpcontrol.log? Does it validate the certificate?

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments