Search the Community
Showing results for tags 'SSL'.
Found 6 results
-
Team, In a recent Security Audit at my workplace , it was found that SSLv3 was enabled on IBCM server. We need to disable SSLv3 , TLSv1 & enable TLSv1.2 . Did anybody done this… Kindly share your Observations.. Also, Any Support article, guide will be of great help. I have done the changes as per reading on Internet under... HKey_Local_MachineSystemCurrentControlSetControlSecurityProviders SCHANNELProtocols Now, my Internet Based clients are not communicating to IBCM server at all. No Pol -
Good afternoon, Is there a built-in Alert or Report (or one that can be made simply enough) to send an email (or notify in the console) that the Distribution Point certificate is expiring within 30 days? Is this possible? Thanks! Jesse -
Hi, Yesterday I tried to make our site server and distribution points SSL. There are a ton of guides on the internet for how to do this. I think i ended up using this one: https://sccmguy.com/2013/11/26/pki-certificates-for-configuration-manager-2012-r2-part-1-of-4-web-server-certificate/. However, when we were done, client communication stopped. Some of the relevant logs: From CcmMessaging Successfully queued event on HTTP/HTTPS failure for server 'XXX'. Post to https://XXX/ccm_system_windowsauth/request failed with 0x87d00231. From CcmNotificationAgent Error: Server certificate ret
-
So I find today that in trying to test a new TS that when booting PXE, I get an error screen from WDS that just only displays the error code 0xc000000f. Digging around, I've found some that say it's a WDS problem and another that says it's an SSL issue because the MP is SSL but the DP is not. One article states that if the MP is SSL, the DP also has to be using the PKI Cert as well instead of the self-signed. Another article mentions no problems with the DP being non-SSL. This is what I'm seeing in SMSPXE.log PXE::MP_GetList failed; 0x80070490 SMSPXE 5/16/2017 2:50:13 PM -
HTTPS to HTTP issues
jtelling posted a topic in System Center Configuration Manager (Current Branch)
Running into an issue that I cannot wrap my head around. We recently switched from HTTPS to HTTP and now clients will not talk to remote MPs or DPs on Secondary Sites. Talking back to MP on Stand Alone Primary works fine. I have revoked certs from CA and removed certs from servers but all of my Secondary sites are having issues with MPs and DPs (no PXE Boot Filename Received). Also removed Secondary Site, WDS, WSUS, all prereqs and reinstalled. Tried PXE booting to WDS + MDT 2013 and that works, but once SCCM PXE boot is turned on, I get the error. Boot images are distributed to DPs and Task S -
We have a small number of servers in our DMZ all are in their own workgroups so no knowledge of each other. They are also not all internet connected so patches must be pushed from internal to DMZ. I noticed this post https://nikifoster.wordpress.com/2011/01/31/installing-configmgr-clients-on-servers-in-a-dmz/ which states as long as I have firewall rules inplace I can manually install the clients and have them talk directly back to my site server internally no certificates required. I was also looking at https://social.technet.microsoft.com/Forums/en-US/f8b1b51e-515e-41f6-bb1e-cdeeabb11f
