Hi,
Like the error message states, I would verify that:
- The certificate is issued by a trusted Certificate Authority (CA)
- The certificate is not expired
- The certificate is issued for the appropriate web site
What actually happens is when downloading the management packs from the Operations Console, is SCOM is performing a web service call to the following URL:
https://www.microsoft.com/mpdownload/ManagementPackCatalogWebService.asmx
The web site can be behind many IP addresses, more information mentioned here:
https://www.catapultsystems.com/blogs/tips-and-tricks-opsmgr-2012-sp1-what-web-service-url-ip-and-ports-does-the-management-pack-catalog-web-service-call/
If the certificate is fine and trusted, you could try setting the web service URL as a trusted site in Internet Explorer.
(If the reply was helpful please don't forget to upvote or accept as answer, thank you)
Best regards,
Leon