Posts

Showing posts from September, 2015

Half of clients report: MP has rejected registration request due to failure in client certificate - SCCM 2012 R2

Image
Reference - http://windowsitpro.com/security/q-there-easy-way-automatically-re-enroll-certificate-holders-received-certificate-old-ca-ne
https://social.technet.microsoft.com/Forums/en-US/8d98726d-4f8f-4866-a91a-724c4ffbfdd1/mp-has-rejected-registration-request-due-to-failure-in-client-certificate
Recently we moved our Certification Authority to Windows Server 2012 , subsequently migrating hashing algorithm from sha1 to sha2. After some days we started witnessing above issue on SMS_MP_Control_Manager componet. Even though we had replaced the New Root CA cert on sccm site settings.

Error:- MP has rejected registration request due to failure in client certificate

Solution :- All ConfigMgr certificates and machine certificates on clients were supposed to re-enrolled.
 To force all holders of a particular certificate to automatically enroll for a replacement certificate issued by a CA , used the Reenroll all Certificate Holders feature of the Certificate Templates MMC snap-in. All you need to d…