MP has rejected registration request due to failure in client certificate

Issue:- We have System Center Configuration Manager 2012 R2 deployed on Windows Server 2008R2 host. Recently we have moved our Certification Authority to Windows Server 2012 , renewed Root CA Certificate and intermediate Certificates also migrated Hashing algorithm from 'sha1' to 'sha2'  . New Root CA and intermediate CA also present on client machines and on SCCM. However, i have discovered these errors on MP:
MP has rejected registration request due to failure in client certificate (Subject Name: ) chain validation. If this is a valid client
Even though Newly imaged machines are getting SCCM client installed but won't see all the client cycle under 'Actions tab' and also  'client certificate shows "None". 
The operating system reported error 2148204809: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. 
Solution:-
Register new Certificate of Root CA  under SCCM2012 (Administration --> Site Configuration --> Site Properties) this  is posible that when you move the Root CA this generate a new root certificate and this not are register in the SCCM. 
If the certificates don't match, register de new Root CA if the certificate are emited to the same subject only can have one certificate registered and all your machines clients with this Root Certificated.
Server Side
Client Side Certificate (MMC)

Comments

Popular posts from this blog

Enterprise CA option is greyed out / unavailable

Rearm the Office 2013 installation