SCOM Certificate Based Agent Authentication Issue

I’ve recently been working on a SCOM 2012R2 proof of concept and had to set up the first client server that was not part of the domain. We achieved this with SCOM 2007R2 by using certificates and the same method worked in SCOM 2012 R2 (Yeh!).

However, after we created and installed the Client/Server authentication certificate on the non-domain server we received the below errors. Also, we could not see the new server in the Pending Management section of SCOM.

This was a bit odd as the certificate was fine, we even replaced it and imported it again using the SCOM cert tool.

It took us about 3 hours to realize, or more specifically properly read, the instructions for setting this up. The certificate is not a web server cert, it’s for two-way communication, which means the SCOM management server needs a certificate too. DOH!!

Once we installed a Client/Server authentication cert on the SCOM management server, it started to work. By that I mean we got this error, until we approved it in pending management.
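A check for the two-way requirement described above, meant to be run on both the management server and the non-domain agent (added example, not from the original post). It assumes the certificate sits in the local machine Personal store (`Cert:\LocalMachine\My`); the function name `Test-MutualAuthCertificate` is made up for this example.

```powershell
# Added example: report which certificates in the machine Personal store are usable
# for mutual (two-way) authentication. Run on the management server AND the agent.

$ServerAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
$ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU

function Test-MutualAuthCertificate {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )

    # Gather the OIDs listed in the Enhanced Key Usage extension, if there is one.
    # This check expects both usages to be listed explicitly.
    $ekuOids = @()
    foreach ($ext in $Certificate.Extensions) {
        if ($ext -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]) {
            foreach ($usage in $ext.EnhancedKeyUsages) { $ekuOids += $usage.Value }
        }
    }

    $now        = Get-Date
    $inValidity = ($Certificate.NotBefore -le $now) -and ($now -le $Certificate.NotAfter)
    $serverAuth = $ekuOids -contains $ServerAuthOid
    $clientAuth = $ekuOids -contains $ClientAuthOid

    New-Object psobject -Property @{
        Subject       = $Certificate.Subject
        Thumbprint    = $Certificate.Thumbprint
        HasPrivateKey = $Certificate.HasPrivateKey   # a cert without its key cannot authenticate
        InValidity    = $inValidity
        ServerAuth    = $serverAuth
        ClientAuth    = $clientAuth
        # All four must hold on each side for two-way authentication
        MutualAuthOk  = $Certificate.HasPrivateKey -and $inValidity -and $serverAuth -and $clientAuth
    }
}

Get-ChildItem -Path Cert:\LocalMachine\My |
    ForEach-Object { Test-MutualAuthCertificate -Certificate $_ } |
    Select-Object Subject, Thumbprint, HasPrivateKey, InValidity, ServerAuth, ClientAuth, MutualAuthOk |
    Format-Table -AutoSize
```

If no row shows `MutualAuthOk` as `True` on either machine, that side has no certificate it can use for the two-way exchange. The script does not validate the trust chain or confirm which certificate was selected with the SCOM cert tool.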

A good guide for setting up certificate authentication