Error: "HTTP status 403: The client does not have sufficient access rights"

book

Article ID: 170444

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

  • Create a CEM package and install the agent on a computer.   
  • The agent fails to register and the agent logs show the following error
    • "HTTP status 403: The client does not have sufficient access rights"
Operation 'Direct: Head' failed. 
Protocol: HTTPS 
Host: TestMachine:443 
Path: /altiris/NS/Agent/GetClientCertificate.aspx 
Id: 10.4696 
Error type: HTTP error 
Error code: HTTP status 403: The client does not have sufficient access 
rights (0x8FA10193) 
Error note: 403 Forbidden

Cause

This is caused by having non self-signed certificates in the trusted root certificate store on the SMP server.

Environment

ITMS 8.1 RU2

Resolution

Use the Microsoft Management Console with the certificate snapin loaded to review the certificates in the Trusted Root Certificate store.   If you have any intermediate certificates in the folder they should be moved to the Intermediate Certificate store.

When reviewing a certificate you can open the certificate and look at the general tab.  If the Issued to: and the Issued by: are from the same name then it is a self signed root certificate.  If the Issued to: and the Issued by: are not the same name then it is not a root certificate and should be moved to the appropriate certificate store.

 

Attachments