The steps for configuring certificates in Operations Manager are numerous and one can easily get them confused. I see posts to the newsgroups and discussion lists regularly trying to troubleshoot why certificate auth is not working, perhaps for a workgroup machine or gateway. Sometimes it takes 3 or 4 messages back and forth before I or anyone else can diagnose what the problem actually is. Once this is finally done we can suggest how to fix the problem.
In an attempt to make this diagnosis stage eaiser, I put together a Powershell script which automatically checks installed certificates for the needed properties and configuration. If you think everything is set up correctly but the machines just won't communicate, try running this script on each computer and it will hopefully point you to the issue. I have tried to provide useful knowledge for fixing the problems.
This is for stand-alone Powershell 1.0 - it does not require the Ops Mgr Powershell snapins.
Please leave a comment if you find bugs or the script gives a faulty verdict for you - either it says your setup is fine but actually it's not working OR it says your setup is busted but the machines communicate anyways. I appreciate this feedback and will use it to improve and update the script.
Thanks! -Lincoln
Update 2/6/2009: Added some fixes to the script thanks to feedback from a few sources and a bit of extra testing.
Update 7/1/2009: Fix for computer name checking for workgroup machines
Great post Lincoln, config certificates is really a hard process, so with this porwershell tool we can have more shure.
Thank you so much.
Cleber Marques
Operations Manager 2007 MVP
I am getting blue page, this I think is expolorer has a fault.