This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 13%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEM%3C/text%3E%3C/svg%3E)
Not sure what happened to my ConfigMgr... Over the weekend it appears all the Management Points have died... from mpcontrol.log:
>>> Selected Certificate [Thumbprint c60d8a5ae15c3cb3f3514db07b3c63302339c42f] issued to 'SCCMFCSEDUMP1.fcps.org' for HTTPS Client Authentication SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
WINHTTP_CALLBACK_STATUS_SECURE_FAILURE SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
[BASEUTIL] AsyncCallback(): ----------------------------------------------------------------- SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
[BASEUTIL] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
[BASEUTIL] : dwStatusInformationLength is 4 SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
[BASEUTIL] : *lpvStatusInformation is 0x1 SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
[BASEUTIL] : WINHTTP_CALLBACK_STATUS_FLAG_CERT_REV_FAILED is set SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
CCMHTTP AsyncCallback(): ----------------------------------------------------------------- SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
Failed to send http request /SMS_MP/.sms_aut?MPLIST. Error 12175 SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
Call to HttpSendRequestSync failed for port 443 with 12175 error code. SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
Sent summary record of SMS Management Point on ["Display=\\SCCMFCSEDUMP1.FCPS.ORG\"]MSWNET:["SMS_SITE=FCS"]\\SCCMFCSEDUMP1.FCPS.ORG\ to D:\SMS\MP\OUTBOXES\sitestat.box\c8hprl1d.SUM, Availability 1, 629142524 KB total disk space , 317743032 KB free disk space, installation state 0. SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
Http test request failed, error code is 12175. SMS_MP_CONTROL_MANAGER 10/26/2020 2:32:28 PM 7732 (0x1E34)
The cert is fine... CRL is fine... confirmed it's using the cert it's supposed to. Rebooted all the server (site servers too). Uninstalled MP role and reinstalled it (on a different server but they all have the same errors). SUP role and WSUS are on these MPs too and they work perfectly fine and are using the same cert in IIS. SMP role is on one server and that role has the same errors.
KB4577668 was installed on these servers recently. Removed it from one, no changes at all.
I'm at a bit of a loss what the problem could even be, as the log isn't really giving me much to go on here. Any ideas?
The CRL had some invalid data, once corrected things were back to normal
Curious how you figured this out and what you did to correct it? Did you simply publish a new CRL?
Yes I had to publish a new CRL. Not sure what happened to the old one or why only SCCM was impacted
If you review the IIS log on this system, you'll get a more exact error message/code as to which cert is being revoked and why.
Hi,
Besides mentioned above, we could check if it is normal by creating the user certificate and send request to /SMS_MP/.sms_aut by https.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,
May we know the current status of the question? If there is any other assistance we can provide, please feel free to let us know, we will do our best to help you.
Best regards,
Amanda You