This monitor checks for a valid SQL Server Service Broker certificate.
The SQL Server Service Broker certificate is used to authenticate and encrypt communications between the parent and child SQL Servers. It is used for Configuration Manager replication communication between SQL Severs for the parent and child sites. When the certificate is valid, normal authenticated and encrypted communication between the SQL Servers uses this certificate. However, once the certificate is invalid, the communication between the SQL Servers is not authorized and no Configuration Manager replication can occur between the parent and child sites. The SQL Server Service Broker certificate is automatically created during installation of the site – it expires 30 years after the original creation.
The database machine certificate becomes invalid in one of several ways:
The SQL Server Service Broker certificate is manually deleted from the certificate store.
The SQL Server Service Broker certificate has expired.
The SQL Server Service Broker certificate association with SQL Server login has been broken
Configuration Manager automatically corrects this scenario by recreating a self-signed certificate. The expiration date for the newly created self-signed certificate is 30 years after the creation date. Check the hman.log in the [Configuration Manager Installation folder]\Logs for further information.
Target | MECM.SiteServer | ||
Parent Monitor | System.Health.ConfigurationState | ||
Category | ConfigurationHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | MatchMonitorHealth | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | MECM.StatusMessage3State.MT | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="MECM.SQLSSBCert.StatusMessage.Monitor" Accessibility="Public" Enabled="true" Target="MECM.SiteServer" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="MECM.StatusMessage3State.MT" ConfirmDelivery="true">
<Category>ConfigurationHealth</Category>
<AlertSettings AlertMessage="MECM.SQLSSBCert.StatusMessage.Monitor.AlertMessage">
<AlertOnState>Warning</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>MatchMonitorHealth</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="UIGeneratedOpStateId5af6895102354adb830bd8c81212af5e" MonitorTypeStateID="Good" HealthState="Success"/>
<OperationalState ID="UIGeneratedOpStateId0e195c4058b24ce3ba904aea0cfbd66a" MonitorTypeStateID="Warning" HealthState="Warning"/>
<OperationalState ID="UIGeneratedOpStateId5ceca7ccc597470c9e873dee7eb5aab5" MonitorTypeStateID="Error" HealthState="Error"/>
</OperationalStates>
<Configuration>
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/PrincipalName$</ComputerName>
<ComponentName>SMS_HIERARCHY_MANAGER</ComponentName>
<RuleId>812A1E5F-B31C-45a5-89EE-695460882F38</RuleId>
<IntervalSeconds>360</IntervalSeconds>
<MatchCount>3</MatchCount>
</Configuration>
</UnitMonitor>