SCOM – Linux Agent Deployment “Signed certificate verification operation was not successful”

Today I ran into a problem which is not new to SCOM cross-platform monitoring but since this problem will hit you sooner or later it makes sense to write about it. This issue applies to all SCOM versions.

It could well  be that when you are deploying SCOM agents to your UNIX/Linux server you will hit this error dialog…

image

SCOM uses SSL Certificates to communicate via WS-Management between the SCOM management server and the monitored server. The problem here is, that the server01 just has a “flat” common name (CN) “server01”. In order to authenticate successfully the CN name MUST match the FQDN (fully qualified domain name) of the name that is resolved by SCOM for this server e.g. server01.domain.com.

If you are facing this scenario and your UNIX/Linux server has a flat name like server01 you have two choices. Either you change the hostname on your server, which is not always an option, or you create a new certificate with the FQDN hostname and private key without touching the server name at all. I decided to create a new certificate. Just open the a shell and run…

/opt/microsoft/scx/bin/tools/scxsslconfig –h server01 –d domain.com -f –v

image

After you executed the command restart the agent…

/opt/microsoft/scx/bin/tools/scxadmin –restart

And your deployment will succeed…

image

image

Source and more details see TechNet.

2 Comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s