Steven, Thanks for the information we had to resolve this by re-issuing a new Root-CA with chain and importing this to all MS, and GW servers and agent non domain joined agents.
Peter Hakesley | Monitoring & Automation Technical Lead Engineer, Data Centre Services t: +44(0)845 155 6556 ext: 4006 e: [email protected] | w: www.scc.com<http://www.scc.com/> a: SCC, CV1, Cole Valley, 20 Westwood Avenue, Tyseley, Birmingham B11 3RZ From: Steven Peck [mailto:[email protected]] Sent: 02/November/2016 17:51 To: Pete Hakesley <[email protected]>; [email protected] Subject: RE: [msmom] Chained Gateways I realize this is old, but I had a certificate issue recently because we are changing root CAs internally because 'reasons'. I had to make sure all the certificate chains from both CAs were on ALL systems. Hope that helps some. From: Pete Hakesley<mailto:[email protected]> Sent: Wednesday, October 12, 2016 12:32 AM To: [email protected]<mailto:[email protected]> Subject: [msmom] Chained Gateways HI all, Have followed the example of chained gateways at https://blogs.technet.microsoft.com/momteam/2009/12/08/how-to-link-multiple-gateway-servers-together/ [https://msdnshared.blob.core.windows.net/media/TNBlogsFS/BlogFileStorage/blogs_technet/momteam/WindowsLiveWriter/HowtolinkmultipleGatewayServerstogether_95E6/image_26.png] I have a CA where my SCOM 2012 R2 servers site in an AD domain. Gateway 1 is in another domain and has the CA and a Ops Mgr Certificate installed and is in comms - All OK Gateway 2 has the CA certificate and a OpsMgr certificate issues by the CA. My question Is this I am getting Event 20067,21002 are being reported with suggest the OpsMgr certificate on GW1 is not trusted by GW2 even though they are both issues from the same CA. Therefore, do I need a certificate (what and where) for GW1 on GW2? Peter Hakesley | Monitoring & Automation Technical Lead Engineer, Data Centre Services t: +44(0)845 155 6556 ext: 4006 e: [email protected]<mailto:[email protected]> | w: www.scc.com<http://www.scc.com/> a: SCC, CV1, Cole Valley, 20 Westwood Avenue, Tyseley, Birmingham B11 3RZ
