Jump to content


gunch

Management Point stops responding to HTTP after changing to HTTPS

Recommended Posts

I have a fresh install of SCCM 2012 on Windows Server 2008 R2. The same SCCM server is running SQL Server, MP, DP, WDS and PXE. The installation was configured to use HTTP at first. I can PXE boot and deploy a Windows 7 image without problems. When I went to retrofit the installation to use HTTPS, I followed the Technet step-by-step found here: http://technet.microsoft.com/en-us/library/gg682023.aspx

When I configure the MP and DP to use HTTPS, I can no longer PXE boot and the MP is generating errors stating that it cannot respond using HTTP. When I switch the MP and DP back to HTTP, everything works again. When I attempt to check the IIS connection using IE, I can connect using HTTPS, when I attempt to connect using HTTP I get a page not found error. The SMSPXE log file shows 80072efe and 80004005 errors.

The mpcontrol log has the same error every minute since enabling HTTPS:

========================================================

>>> Selected Certificate [Thumbprint 7a81594281e48c0994a8e7fc5445da2fa711b439] issued to 'sccm12.mydomain.local' for HTTPS Client Authentication

Failed to send http request /SMS_MP/.sms_aut?MPLIST. Error 12030

Call to HttpSendRequestSync failed for port 443 with 12030 error code.

Sent summary record of SMS Management Point on ["Display=\\sccm12.mydomain.local\"]MSWNET:["SMS_SITE=CHQ"]\\sccm12.mydomain.local\ to \\sccm12.mydomain.LOCAL\SMS_CHQ\inboxes\SiteStat.Box\8f3ucf1w.SUM, Availability 1, 41837564 KB total disk space , 20357040 KB free disk space, installation state 0.

Successfully performed Management Point availability check against local computer.

Initialization still in progress.

==========================================================

Do the steps for troubleshooting 2007 MPs still apply to 2012? Will the MP troubleshooter for 2007 help me with 2012?

We does the logfile show two errors, then says it performed the availability check successfully? Is this supposed to happen?

The SMSPXE log has the following errors everytime a PXE boot is attempted:

==========================================================

Set enterpirse certificate in transport

Set media certificate in transport

Set authenticator in transport

In SSL, but with no client cert

sending with winhttp failed; 80072efe

Failed to get information for MP: https://sccm12.mydomain.local. 80072efe.

PXE::DB_InitializeTransport failed; 0x80004005

PXE::DB_LookupDevice failed; 0x80004005

=========================================================

 

Can deploying SCCM 2012 with HTTPS really be this difficult?

Thanks,

Willy

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...