Clients that are connected to the network and communicating with no issues are added to the CEM policy.   The clients receive the CEM policy but are not able to connect through CEM.

Error message on Server logs 

Unable to get the client certificate response XML associated with the specified request (Request: , Exception: Altiris.NS.Exceptions.NSComException (0x00000005): The caller is unauthorized to request a new client certificate. 

at Altiris.Web.NS.Agent.GetClientCertificateBase.GetClientCertificateXml()) 

Message on Client log: 

WARNING: Unexpected response from URL 'https:/SMP:443/Altiris/NS/Agent/GetClientCertificateMIG.aspx': Unable to get the client certificate response XML associated with the specified request (Exception: The caller is unauthorized to request a new client certificate.)

SMA is accessing "https://SMP/Altiris/NS/Agent/GetClientCertificateMig.aspx" anonymously

When accessing the link https://SMP/Altiris/NS/Agent/GetClientCertificateMig.aspx

Getting HTTP error 401: Access is denied.

Authentication Settings of default Website on IIS should be:

Disabled the Anonymous Authentication for GetClientCertificateMig.aspx keeping Windows Authentication enabled.

Require SSL checked and Ignore Client Certificates 

Applies To

ITMS 7.5