Users reported issues connecting to the CEM Internet Gateway(s) and registering on SMP or Task Server

Agent logs show entries similar to the following:

Client Auth: CEM agent, TLS 1.1, 1.2, No profile, 00000008]: Failed to initialize, certificate is not available, error: Element not found (0x00000490)
Failed to connect to CEM gateway, no credentials available for TLS 1.1, 1.2 protocol[s], error: Element not found (0x00000490)

ITMS 8.x with CEM

The issue is caused by using a non default target in the CEM policy which does not include all agents where CEM enablement is needed.

In the non-default target applied to the policy, machines that should be allowed to connect through CEM are not included.

This can be verified in the console by going to Settings > Notification Server > Cloud-enabled Management > Policy > Cloud-enabled Management Settings

Verify which computers are added to the policy by changing the view from 'Targets' to 'Computers' then search for a computer that should be able to connect through CEM but is receiving the error.

Add additional computers to the target of the CEM Policy or Policies to allow them connection through the Internet Gateway. The default target can also be used to correct the issue and will be applied to all computers where CEM is possible.

Once this is applied, machines may need to connect through the VPN or internally to receive the updated policy