prohand
-
Posts
7 -
Joined
-
Last visited
Posts posted by prohand
-
-
Hello,
I still have the error cited above in DmpDeviceCertAuthModule.log but this does not correspond to the moment when I evaluate the conformity of bitlocker.
The mpcontrol.log of DMZ server indicates the SSL is enabled.
Have you been able to see my log file?
Thank you
-
Hello,
I just sent you the client logs.
Thank you
-
I just found this on my server in DMZ:
Maybe it's related
Can I send you the logs in MP?
]LOG]!><time="12:01:22.108-60" date="01-21-2020" component="CertificateMaintenance" context="" type="1" thread="4816" file="Event.cpp:908"> <![LOG[Looking for cert with SHA1 hash 4xxxx in cert store My.]LOG]!><time="12:01:22.265-60" date="01-21-2020" component="CertificateMaintenance" context="" type="1" thread="4816" file="ccmgencert.cpp:1524"> <![LOG[CSP associated with MP Certificate does not support SHA256 signing. Using SHA1 signing]LOG]!><time="12:01:22.280-60" date="01-21-2020" component="CertificateMaintenance" context="" type="2" thread="4816" file="ccmgencert.cpp:5921"> <![LOG[Raising pending event: instance of CCM_ServiceHost_CertRetrieval_Status { ClientID = "GUID:65xx3-xxxx"; DateTime = "20200121120122.119000+000"; HRESULT = "0x00000000"; ProcessID = 2584; ThreadID = 7792; }; ]LOG]!><time="13:01:22.119-60" date="01-21-2020" component="CertificateMaintenance" context="" type="1" thread="7792" file="Event.cpp:908"> <![LOG[Looking for cert with SHA1 hash 4xxxxx in cert store My.]LOG]!><time="13:01:22.275-60" date="01-21-2020" component="CertificateMaintenance" context="" type="1" thread="7792" file="ccmgencert.cpp:1524"> <![LOG[CSP associated with MP Certificate does not support SHA256 signing. Using SHA1 signing]LOG]!><time="13:01:22.307-60" date="01-21-2020" component="CertificateMaintenance" context="" type="2" thread="7792" file="ccmgencert.cpp:5921">
<![LOG[No client certificate was negotiated. Async: 0]LOG]!><time="12:56:06.031-60" date="01-21-2020" component="DeviceCertAuthModule" context="" type="3" thread="6252" file="devicecertauthmodule.cpp:931"> <![LOG[Failing HTTP request with status code 403.7 with HR 0x0 and reason "Client certificate required"]LOG]!><time="12:56:06.031-60" date="01-21-2020" component="DeviceCertAuthModule" context="" type="3" thread="6252" file="devicecertauthmodule.cpp:119">
-
Yes, the cert work with internet based clients.
-
Yes I'm using HTTPS management point with PKI
-
Hello,
I installed MBAM on my SCCM server without problem.
Everything works properly locally.I deployed a server in DMZ to be able to manage my clients on the internet.
When I deploy Bitlocker via the local everything works, I have the Bitlocker window that opens to activate it.
When I deploy bitlocker on a computer located on the internet, I have no window that opens and I have this in the logs:
Unable to find suitable Recovery Service MP
I use SCCM 1910
Thanks
Bitlocker management client internet
in System Center Configuration Manager (Current Branch)
Posted
I resend the email now