Jump to content


hdddisco1

Installing SCCM CB - Failed to find or create machine self-signed certificate on SQL Server

By hdddisco1, in System Center Configuration Manager (Current Branch)

Recommended Posts

hdddisco1 Newbie

hdddisco1

Posted
Posted

Hi All,

First at all, Its a pleasure to sign in to this Forum. Thanks for your support!

I'm working on a secured environment and trying to install SCCM CB 1902 for a demo purpose and are stucking on an error during SCCM install on step "Generating self signed certificate on SQL Server..."

My insfrastructure:

- AD DC Windows Server 2016 with System Management container created and respective permissions asigned

- Remote SQL Server 2016 on Windows Server 2016.

  • SQL service account with Admin Rights
  • SCCM computer account with local Admin Rights and sysadmin
  • SCCM installation account with local Admin Rights and sysadmin

- Windows Server 2016 for SCCM installation

  • SCCM installation account with local Admin Rights
  • SCCM Computer account with local Admin Rights

We control User Rights Management over GPO, Services Permission, Files Permission, etc...

Other services like SCOM is already working.

Attached Error Msg and installation Logs.

Any help?

 

Thanks in advance

Regards

 

 

 

Prerequisite_check.jpg

Error_Generating_Cert.JPG

SQL_Log.jpg

SCCM_Install_Log.jpg

Share this post

Link to post
Share on other sites
anyweb Proficient

anyweb

Posted
Posted

hi and welcome

first things first, why are you installing Configmgr with SQL remote, it's recommended to have it on the same server (primary) as configmgr is installed on, unless you like dealing with issues (such as this one)

 

cheers

niall

Share this post

Link to post
Share on other sites
hdddisco1 Newbie

hdddisco1

Posted
Posted

Well, my preference was to install it as recomended locally but customers  want it on a remote server with specific secured settings. 

We had older version (2007 & 2012R2 on WS2008R2) working with same design. Now I feel a little bit lost with that issue :(. 

Share this post

Link to post
Share on other sites
hdddisco1 Newbie

hdddisco1

Posted
Posted

I tried it installing my SQL server locally and it worked.

My mates had an issue with SCOM, the agent could create certificates on some servers (not all of them), so we had a look over our services and compared them. We saw a difference, the "CNG Key Isolation" service was disabled on servers were SCOM Agent couldn't run. We enabled this service and that solved for me.

After that I tried to move the DB to our remote SQL server and all worked fine!!! I got it, hope it could help other collegues.

Best Regards

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.