SCOM ALERT FOR MS-ORGANIZATION-P2P-ACCESS PKI CERTIFICATE

[daisysl1981]

I am having the following alerts in SCOM:

PartialChain: A certificate chain could not be built to a trusted root authority.

These alerts are generating from the Certificate validity monitor in the PKI Certificate Validation Management Pack. I opened a case with Microsoft trying to solve this issue but they told me that management pack this is a community written management pack and is not under Microsoft support.

Please I need advise.

Thanks, Daisy

[Fursel]

Hi, just override "Discovery of local computer's certificate store "My / Personal" (registry)" , target Windows Computer and in Issuer Filter - Excluded type "CN=MS-Organization-P2P-Access.*"

[cjramseyer]

That doesn't completely solve the issue. I did exactly that and was still getting alerts for MS certificates.

On July 30, 2021 2:24:40 AM Fursel @.***> wrote:

Hi, just override "Discovery of local computer's certificate store "My / Personal" (registry)" , target Windows Computer and in Issuer Filter - Excluded type "CN=MS-Organization-P2P-Access.* — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[daisysl1981]

Hi, I also did exactly that and was still getting alerts for MS certificates.

[Fursel]

@daisysl1981 can you paste here screen from discovery ?

[daisysl1981]

@Fursel, the discovery for certificate store you mean?

[daisysl1981]

@Fursel, any other ideas? Thank you, Daisy

[Fursel]

This is my setting which did filter all Azure Certificates - P2P ones(SCOM 2016 , PKI MP 1.4.3.0)