search

rafabu / SCOM-PKICertificateMP

This is for SCOM - System Center Operations Manager: The PKI Certificate Verification MP discovers PKI Certificates and Certificate Revocation Lists inside computers’ local certificate stores. It helps preventing service interruptions caused by invalid certificates by alerting when
GNU Lesser General Public License v3.0
20 stars 11 forks source link

All the certificated not getting discovered in SCOM by using the MP ‘PKI Certificate Validation V3' #20

Open onkar2309 opened 4 years ago

onkar2309 commented 4 years ago

Hi Team,

We are having SCOM 2012 R2 ion our environment and we are monitoring the certificates using the MP PKI Certificate Validation V3 (version 1.3.0.0) we have seen with this MP all the certificates in the certificate store of the managed servers are not getting discovered/monitored by SCOM. Now as per MS suggestion we have upgraded the Mp to ‘PKI Certificate Validation V3 (1.4.3.0)’ in our development SCOM environment and still we are facing the same issue. Also we have overridden all the discoveries related to the MP ‘PKI Certificate Validation V3 (1.4.3.0)’ to enable state. Can we get a proper assistance on the same why all the certificates are not getting discovered.

Thanks

onkar2309 commented 4 years ago

Can any one please assist on the above mentioned issue.

boxikg commented 4 years ago

I deployed this MP last week and other solution based on PowerShell discovered a decent number of expired/expiring certificates not discovered by this MP. Any help would be highly appreciated.

SkywalkerHogie commented 4 years ago

Same issue, on some servers only a few certs are being discovered but a whole bunch of them aren't ... and the 'state' isn't changing to Warning or Critical when the certs have the 'Cert Expires within 31 days = True' or 'CertTimeStatus' = '%NotTimeValid%'

BCornelissen commented 3 years ago

Hi all, TopQore will look into the issues for the pack and try and solve where possible. It looks like specific cases, whereby we would need to do troubleshooting with you, in combination with checking the code of the pack at the same time why some certificates are not being discovered or checked. If you want we can try and setup a session and try and find out what is going on. I also see SkywalkerHogie has #23 opened in relation to this potentially. There it looks like a timeout on the discovery script perhaps.

If you see this and want to get in touch with us either reply here or increase the speed of us seeing it by sending an email to contact@topqore.com referencing this pack and issue number.