Attempting to deploy the System Center Operations Manager 2007 Linux Agent to a Red Hat server fails. In this scenario you receive the error below while discovering and deploying the agent:
The certificate Common Name (CN) does not match. Please resolve the issue, and then run
The server certificate on the destination computer (<Redhat machine name>) has the following errors: The SSL certificate is signed by an unknown certificate authority. The SSL certificate contains a common name (CN) that does not match the hostname. For additional help on this error please go to ....
This can occur for either of the following reasons:
- Certificates may not be valid as the reporting server may have been changed
- The certificate contains an incorrect host name
To resolve this issue, complete the steps below:
1. Remove the existing contents of the agent directory on the server and reinstall the agent RPM 2. Generate the certificate, making sure to use the correct host name: "/opt/Microsoft/scx/bin/tools/scssslconfig –f –h <hostname>" 3. Check the status of the certificate: "openssl x509 -noout -in /etc/opt/microsoft/scx/ssl/scx.pem -subject -issuer -dates" 4. Discover the agent from the console and sign the invalid certificate without SSH This is now available in a Microsoft Knowledge Base article here. -Chandan Bharti
Ed Price - MSFT edited Original. Comment: TOC & tags