The customer reported an issue while trying to update or refresh the "Certificate Management" page (under SMP Console> Settings>All Settings> Notification Server). There is a red "X" on top of the "SMA local proxy certificate".
The NS logs showed errors like this one:
Entry 1:
Unable to attach private key to certificate.
Length of the data to decrypt is invalid.
[System.Security.Cryptography.CryptographicException @ mscorlib]
at System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
at System.IO.Stream.Close()
at Altiris.NS.Utilities.BasicCrypto.Decrypt(Byte[] encryptedData, SymmetricKeyInfo keyInfo)
at Altiris.NS.Utilities.BasicCrypto.DecryptStringFromBase64String(String encryptedData, SymmetricKeyInfo keyInfo)
at Altiris.Resource.StandardResources.DigitalCertificate.AttachPrivateKey(String sPrivateKeyContent)
Unable to attach private key to certificate.
Length of the data to decrypt is invalid.
[System.Security.Cryptography.CryptographicException @ mscorlib]
at System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
at System.IO.Stream.Close()
at Altiris.NS.Utilities.BasicCrypto.Decrypt(Byte[] encryptedData, SymmetricKeyInfo keyInfo)
at Altiris.NS.Utilities.BasicCrypto.DecryptStringFromBase64String(String encryptedData, SymmetricKeyInfo keyInfo)
at Altiris.Resource.StandardResources.DigitalCertificate.AttachPrivateKey(String sPrivateKeyContent)
Exception logged from:
at Altiris.Resource.StandardResources.DigitalCertificate.AttachPrivateKey(String)
at Altiris.Resource.StandardResources.DigitalCertificate.EnsureInitialized()
at Altiris.NS.StandardItems.CertificateConfiguration.CertificateDetails..ctor(Altiris.Resource.StandardResources.DigitalCertificate)
at Altiris.NS.StandardItems.CertificateConfiguration.NSCertificateConfigurationItem.GetCertificateDetails(System.Guid, Int32, System.Guid)
at Altiris.NS.StandardItems.CertificateConfiguration.NSCertificateConfigurationItem.GetDetails(System.Guid, System.Collections.Specialized.NameValueCollection)
at Altiris.Web.NS.Services.GetItemDetails.ProcessRequest(System.Web.HttpContext)
at System.Web.HttpApplication+CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStepImpl(System.Web.HttpApplication+IExecutionStep)
at System.Web.HttpApplication.ExecuteStep(System.Web.HttpApplication+IExecutionStep, Boolean&)
at System.Web.HttpApplication+PipelineStepManager.ResumeSteps(Exception)
at System.Web.HttpApplication.BeginProcessRequestNotification(System.Web.HttpContext, AsyncCallback)
at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(System.Web.Hosting.IIS7WorkerRequest, System.Web.HttpContext)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr, IntPtr, IntPtr, Int32)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr, IntPtr, IntPtr, Int32)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr, System.Web.RequestNotificationStatus&)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr, System.Web.RequestNotificationStatus&)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr, IntPtr, IntPtr, Int32)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr, IntPtr, IntPtr, Int32)
HTTP [GET]: https://mySMP.YourDomain.com/Altiris/NS/GetItemDetails.aspx?ItemGuid=e923e00f-cc91-4b9e-a06c-73d07cf22c3f&ResourceGuid=2764fdb2-0338-4770-95d9-aff3a120ca1f&Port=-1&DetailsProvider=4e4ff680-078a-47dc-9928-23cb833145d0
ip: [10.16.169.44]; languages: [en-US];
response: [200 OK]; x-smp-nsversion: [8.5.4249.0];
-----------------------------------------------------------------------------------------------------
Date: 7/24/2019 12:27:48 PM, Tick Count: 180912593 (2.02:15:12.5930000), Size: 3.38 KB
Process: w3wp (21052), Thread ID: 1489, Module: Altiris.Resource.dll
Priority: 1, Source: Altiris.Resource.StandardResources.DigitalCertificate.AttachPrivateKey
ITMS 8.5
This is a Microsoft issue caused by having problems encrypting/decrypting.
If the suggestions on TECH255317 or TECH255621 didn't help in regards of providing Full Control permissions to your Application Identity account, please try the following: