We currently setup Internet Based Management on our SCCM environment over Native mode. This was initially working for the first 2 years and it was handed over to us, but it has suddenly stopped working, and we suspect an expired certificate somewhere that might be causing the issue. However we have gone through and updated the Certificates on the FQDN of our Internet facing site and also on the SUP (port 8531) as well.
However, when I try to hit our internet facing site through https://FQDN/ccn_system/request I get a webpage cannot be displayed error on this. If I attempt to hit the same site through the SUP port https://FQDN:8531 I get the certificate to install and then I can get through the IIS and get a you are not authorized to view this page. So it seems that I can get through on the SUP ports, but not through the HTTPS 443 port.
When I check the internet base point whilst on the internal network I get the IIS 7 homepage, and suspect that I should see something similar whilst on an external internal source.
I checking through my client logs, and get the following:
Post to https://FQDN/ccm_system/request failed with 0x87d00231. CcmMessaging Failed in WinHttpReceiveResponse API, ErrorCode = 0x2f78 CcmMessaging
Current Internet Management Point is FQDN with Version 0 and Capabilities: <Capabilities SchemaVersion ="1.0"><Property Name="SSL" Version="1" /></Capabilities> ClientLocation
Executing Task LSSiteRoleCycleTask LocationServices 1 internet MP errors in the last 10 minutes, threshold is 5. LocationServices) Executing Task LSSiteRoleCycleTask LocationServices) 2 internet MP errors in the last 10 minutes, threshold is 5. LocationServices Executing Task LSSiteRoleCycleTask LocationServices 3 internet MP errors in the last 10 minutes, threshold is 5. LocationServices Executing Task LSSiteRoleCycleTask LocationServices 4 internet MP errors in the last 10 minutes, threshold is 5. LocationServices Current AD site of machine is AHL LocationServices Executing Task LSSiteRoleCycleTask LocationServices Internet MP error threshold reached, moving to next MP. LocationServices Failed to execute LSExecuteTask LocationServices So I can see that it recognises that it has to be on the Internet Based Management Point, and I can see it verifying it has a valid certificate from the Client logs, would the issue be something on our IIS?