Computer was not able to register with a secured (https) Notification Server. Reviewing the Altiris Agent logs from the client having the issue the following error messages were found.
Description: Security context handle is invalid (-2146893055)
Description: Get '<URL TO NS TO CREATE A RESOURCE>' failed: HTTP Request Failed: The certificate chain was issued by an authority that is not trusted. (-2146893019)
Description: HTTP Request Failed: The certificate chain was issued by an authority that is not trusted. (-2146893019)
Description: RequestPolicies failed: HTTP Request Failed: The certificate chain was issued by an authority that is not trusted. (-2146893019)
The certificate chain for the CA that assigned the SSL certificate to the Notification Server is not contained within the local certificate store of the client. In this specific case the customer was applying the certificate chain via a GPO. This specific computer had been moved to an OU outside the scope of the GPO.The certificate for the CA used must reside in the "Trusted Root Certification Authorities/Certificates" certificate container. It would likely be best that it reside in the Computer/Local Computer container - and be assigned on computer basis in AD as well.
The customer added the Certificate chain to the local certificate store on the system experiencing the issue. After the certificate was added a refresh of the client policies confirmed that the system was now able to communicate with the Notification Server as the system was assigned a GUID.
Steps to take to install the root certificate from a Windows Certificate Authority Server (CA);
Notification Server 6.0 SP3
Symantec Management Platform 7.0
Notification Server/Symantec Management Platform configured to use HTTPS/SSL