search cancel

Can't add SMP Server to gateway. Get an error "Unable to get the server certificate response XML associated with the specified request"

book

Article ID: 172212

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

Trying to add a SMP server to the CEM Gateway. It fails trying to GetServerCertificate.aspx.

The gateway (no even on the SMP itself) can't get the proper response from :

https://smpserver.domain.local/Altiris/ns/agent/GetServerCertificate.aspx

We should be getting a response like this one when accessing this page:

Unable to get the server certificate response XML associated with the specified request {Exception: System.ArgumentNullException: Value cannot be null.

Error entry:

Unable to get the server certificate response XML associated with the specified request (Exception: System.ArgumentNullException: Value cannot be null.
Parameter name: certificate
   at Altiris.NS.Security.Cryptography.CertificateManager.GetCertificateAsPEM(X509Certificate2 certificate)
   at Altiris.Web.NS.Agent.GetServerCertificate.GetLegacyResponse(Boolean getCrlHash, Boolean getCrl)
   at Altiris.Web.NS.Agent.GetServerCertificate.GetResponse()
   at Altiris.Web.NS.Agent.GetServerCertificate.GetServerCertificateXml())
-----------------------------------------------------------------------------------------------------
Date: 7/27/2018 3:38:34 PM, Tick Count: 13271078 (03:41:11.0780000), Size: 790 B
Process: w3wp (7312), Thread ID: 113, Module: w3wp.exe
Priority: 1, Source: Altiris.Web.NS.Agent.GetServerCertificate.GetServerCertificateXml

Cause

The Certificate for the Agent CA on the notification server was missing the private key.

Environment

ITMS 8.1 RU6

Resolution

The customer had a backup copy of the Agent CA.  The certicate was imported with the private key into the "Trusted Root Certification Authorities" store on the SMP itself.

Attachments