0 Replies Latest reply on Jan 31, 2014 1:51 PM by lshunnarah

    Upgrade PM to 2.0.2203 - A certificate is missing or has an empty value for an important field, such as a subject or issuer name

    lshunnarah

      I have recently upgraded from PM 1.85.490 to 2.0.2203 using the updater package.  Since upgrading, I have not been able to access any WSUS servers through the console along with having issues doing other tasks.  I've narrowed it down to a certificate issue I think, but I'm having problems resolving the issue.  The upgrade went smooth and no errors or warnings during the process.  Anytime I try to access a WSUS server through the PM console I get a message stating "All management servers are unavailable for management group <group name>".  I do not have an issue with 200+ certificates in the local computers trusted certificate store.  I have well below that amount.  When I look in the event logs for PM I see the same warning messages over and over again regarding all the different automation role servers I have deployed.  The events are as follows:

       

      Log Name:      EminentWare

      Source:        Management Server

      Date:          1/31/2014 2:24:45 PM

      Event ID:      0

      Task Category: None

      Level:         Warning

      Keywords:      Classic

      User:          N/A

      Computer:      <PM PAS.Domain.something>

      Description:

      The management server was unable to synchronize the downstream automation server: <ServerName>

       

      Log Name:      EminentWare

      Source:        Management Server

      Date:          1/31/2014 2:25:29 PM

      Event ID:      0

      Task Category: None

      Level:         Warning

      Keywords:      Classic

      User:          N/A

      Computer:      <PM PAS.Domain.something>

      Description:

      The attempt to connect to the Management Server <PM PAS.domain.something> failed.

      Message: Communication failure.

      A certificate is missing or has an empty value for an important field, such as a subject or issuer name.

      Details: dgsrpcinterface::smartbind() failed.

       

       

      I have ran the upgrade on the automation role server and still get the same error.  I have also ran setuphelper.exe /provisionserver /type primary on the PAS and A server without error, but I still am faced with the same messages.

       

      I enabled verbose logging and tried to access a WSUS server again through the console.  I am going to paste a snippet of the log file that I think may be helpful since it's about 15MB.  I'm pasting from the point in the log file where the first [ERROR] occurs.

       

      2014/01/31 14:25:29:274 PID: 34096 TID: 29316 [ERROR] clientcertificatecache::createserverfullsicspn() failed to find CA certificate for

      2014/01/31 14:25:29:274 PID: 34096 TID: 29316 [VERB] ewException caught: [clientcertificatecache::createserverfullsicspn() cannot find the CA certificate in cache for this servers deviceid. Server is not provisioned.], File: dgs_rpc_interface.cpp, Line: 687

      2014/01/31 14:25:29:274 PID: 34096 TID: 29316 [VERB] ewException caught: [ewException caught: [clientcertificatecache::createserverfullsicspn() cannot find the CA certificate in cache for this servers deviceid. Server is not provisioned.], File: dgs_rpc_interface.cpp, Line: 687], File: dgs_rpc_interface.cpp, Line: 764

      2014/01/31 14:25:29:274 PID: 34096 TID: 29316 [VERB] Communication failure.

      A certificate is missing or has an empty value for an important field, such as a subject or issuer name.

      Details: dgsrpcinterface::smartbind() failed.

       

      I have also verified that the permissions on the c:\programdata\microsoft\crypto\rsa\machinekeys is correct or at least set to it's defaults.

       

      Any input would be very helpful.  I have not been able to find any posts in SW KB or Thwack regarding this particular error.  How can I verify the certificate is actually there?  I can see Eminentware certs in the certificate manager, but I don't know which one this error message is stating is missing or has an empty value.

       

      Louis