Unable to download package. Keeps retrying. Error code: HTTP status 403: The client does not have sufficient access rights (0x8FA10193)

Article ID: 263073

Products

IT Management Suite

Issue/Introduction

Deployed packages do not download. The agent just keeps retrying:

OnEndPackageDownload Package id = {6D417916-467C-46A7-A870-6D86D9345B61}. Status = RETRYING. HTTP error occurred.
-----------------------------------------------------------------------------------------------------
Date: 3/31/2023 1:37:56 AM, Tick Count: 28760015 (07:59:20.0150000), Size: 363 B
Process: AeXNSAgent.exe (3136), Thread ID: 3760, Module: AeXNSCPackageServer.dll
Priority: 4, Source: Package Server Agent

On the Package Server that these packages should be downloading from, the agent logs show messages like these:

Entry 1:

Operation 'Direct: Get' failed. 
Protocol: HTTPS 
Host: PackageServer01.domain.net:443 
Path: /altiris/NS/Agent/GetPackageInfo.aspx 
Connection Id: 1555.3136 
Communication profile Id: {########-3134-4BE5-9CA8-######A0F707} 
Throttling: 0 0 0 
Error type: HTTP error 
Error code: HTTP status 403: The client does not have sufficient access rights (0x8FA10193) 
Error note: Empty response content received 
Server HTTPS connection info: 
   Server certificate: 
      Serial number: ## ## ## ## ## ## 31 f7 85 72 ed de 39 c9 7c d9 
      Thumbprint: ## ## ## ## ## ## 6f fb 92 a3 31 de 38 25 05 31 66 2c 67 3b 
   Cryptographic protocol: TLS 1.2 
   Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 
   Cipher algorithm: AES 
   Cipher key length: 256 
   Hash algorithm: SHA384 
   Hash length: 384 
   Key exchange algorithm: ECDH_P256 
   Key length: 256
-----------------------------------------------------------------------------------------------------
Date: 3/31/2023 1:37:56 AM, Tick Count: 28760000 (07:59:20), Size: 1.09 KB
Process: AeXNSAgent.exe (3136), Thread ID: 3760, Module: AeXNetComms.dll

Entry 2:

Download package sources failed: HTTP error occurred (0x80042D21)
-----------------------------------------------------------------------------------------------------
Date: 3/31/2023 1:37:56 AM, Tick Count: 28760093 (07:59:20.0930000), Size: 309 B
Process: AeXNSAgent.exe (3136), Thread ID: 3760, Module: AeXPackageDelivery.dll
Priority: 1, Source: PackageDownload

Note:

While troubleshooting this issue, an attempt to recreate the IIS binding for port 443 produced the following error message:

AddIISBinding failed. Unable to commit changes with a new element (HTTPS, *:443:), error: The process cannot access the file because it is being used by another process (0x80070020)
-----------------------------------------------------------------------------------------------------
Date: 3/31/2023 2:07:31 AM, Tick Count: 30534656 (08:28:54.6560000), Size: 411 B
Process: AeXNSAgent.exe (5968), Thread ID: 1124, Module: AeXNSAgent.exe
Priority: 1, Source: IIS7Admin

Environment

ITMS 8.6

Cause

The Global Site Server setting "Force Overwrite Binding Settings" was turned on for all Package Servers. As a result, the port 443 binding on the Site Servers was constantly being recreated.

Resolution

On the SMP server:

1. Open the SMP Console and go to the Settings>Notification Server>Site Server Settings>Global Site Server Settings page.

2. If you have enabled the "Configure HTTPS binding" option under "Configure HTTPS on-site servers" and are using port 443, make sure that "Force overwrite binding settings" and "Install certificate" are both unchecked (in this case, they were using their own certificates and port 443 was already bound on the site server).

3. After unchecking those 2 options ("Force overwrite binding settings" and "Install certificate"), run the "NS.Site Server Profiles Synchronization" schedule in Windows Task Scheduler.

4. After running this scheduled task, restart the Symantec Management Agent service on your package server(s).
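
To check agent log text for the entries quoted in this article, for example before and after the change above, a script like the following can be used. It is an added example, not Broadcom or Symantec tooling; it assumes the log has been pasted as plain text in the layout shown above, and the function names, result keys and abbreviated sample text are constructed for illustration.

```python
import re
from collections import Counter

# Signatures copied from the log entries quoted in this article.
SIGNATURES = {
    "http_403": re.compile(r"HTTP status 403: .*\(0x8FA10193\)"),
    "download_failed": re.compile(r"Download package sources failed: .*\(0x80042D21\)"),
    "binding_locked": re.compile(r"AddIISBinding failed\..*\(0x80070020\)"),
}
# One entry = message text, a dashed line, then Date/Process/Priority metadata lines.
ENTRY_END = re.compile(r"(?m)^-{20,}[ \t\r]*\n?(?:(?:Date|Process|Priority):.*\n?)*")
HOST = re.compile(r"(?m)^Host:\s*(\S+)")

def parse_entries(text):
    """Return the message text of each entry, with separators and metadata removed."""
    return [m.strip() for m in ENTRY_END.split(text) if m.strip()]

def triage(text):
    """Count the article's signatures and list the hosts that answered 403."""
    counts, hosts = Counter(), Counter()
    for message in parse_entries(text):
        for name, pattern in SIGNATURES.items():
            counts[name] += bool(pattern.search(message))
        host = HOST.search(message)
        if host and SIGNATURES["http_403"].search(message):
            hosts[host.group(1)] += 1
    # 403 responses alongside a failed AddIISBinding are the combination reported here.
    matches = counts["http_403"] > 0 and counts["binding_locked"] > 0
    return {"counts": dict(counts), "hosts_403": dict(hosts), "matches_article": matches}

# Constructed sample, abbreviated from the entries quoted in this article.
SAMPLE = """Operation 'Direct: Get' failed.
Host: PackageServer01.domain.net:443
Path: /altiris/NS/Agent/GetPackageInfo.aspx
Error code: HTTP status 403: The client does not have sufficient access rights (0x8FA10193)
------------------------------------------------------------
Date: 3/31/2023 1:37:56 AM, Tick Count: 28760000 (07:59:20), Size: 1.09 KB

Download package sources failed: HTTP error occurred (0x80042D21)
------------------------------------------------------------
Priority: 1, Source: PackageDownload

AddIISBinding failed. Unable to commit changes with a new element (HTTPS, *:443:), error: The process cannot access the file because it is being used by another process (0x80070020)
------------------------------------------------------------
Priority: 1, Source: IIS7Admin
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

After the resolution steps, the same check on fresh log text should report zero for all three signatures.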