The ConfigMgr Advanced Client rejected the site server signing certificate

Error messgae “The ConfigMgr Advanced Client rejected the site server signing certificate to a trust-related failure (0x800b0109)” is showing up on few clients which are failing to install the certificate from the enterprise root CA.

Solution :
Compare the following registry values between a working and a failing client. If the values are different, replace the values on the bad machine with those from the good machine and re-install the client:

X64 – HKLM\Software\WOW6432Node\Microsoft\CCM\Security
X86 – HKLM\Software\Microsoft\CCM\Security
Keys - AllowedRootCAHashCode, Signing Certificate.

This may be helpful as well:  Renewing or Changing the Site Server Signing Certificate

This posting is provided “AS IS” with no warranties and confers no rights.

No comments:

Post a Comment