Home
  •  

Remote Certificate Not Trusted

Microsoft.SystemCenter.HealthService.RemoteCertificateNotTrusted.Alert (Rule)

This rule generates alerts when it detects that the remote certificate is not trusted.

Knowledge Base article:

Summary

The certificate for a computer that is attempting to communicate with Operations Manager is not trusted. The remote computer will not be monitored until the problem with the certificate is resolved.

Causes

The certificate for the remote computer is issued by a certificate authority that is not trusted by the server running Operations Manager.

Resolutions

View the details for the alert to identify the computer that is using an untrusted certificate. Configure the source computer to use a trusted certificate or configure the server running Operations Manager to trust the certificate authority that issued the certificate. For information about configuring certificates refer to the following:

External

For additional information on certificates and security, see PKI Technologies ( http://technet.microsoft.com/en-us/library/cc779826(WS.10).aspx).

Element properties:

TargetMicrosoft.SystemCenter.ManagementServer
CategoryOperations
EnabledTrue
Event_ID20072
Event SourceOpsMgr Connector
Alert GenerateTrue
Alert SeverityError
Alert PriorityNormal
RemotableTrue
Alert Message
Remote Certificate Was Not Trusted
{0}
Event LogOperations Manager

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Windows.EventProvider Default
Alert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="Microsoft.SystemCenter.HealthService.RemoteCertificateNotTrusted.Alert" Enabled="true" Target="SCLibrary!Microsoft.SystemCenter.ManagementServer" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>Operations</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>Operations Manager</LogName>

      <Expression>

        <And>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="String">PublisherName</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value Type="String">OpsMgr Connector</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value Type="UnsignedInteger">20072</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

        </And>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>2</Severity>

      <AlertName/>

      <AlertDescription/>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="Microsoft.SystemCenter.HealthService.RemoteCertificateNotTrusted.AlertMessage"]$</AlertMessageId>

      <AlertParameters>

        <AlertParameter1>$Data/EventDescription$</AlertParameter1>

      </AlertParameters>

      <Suppression>

        <SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>

        <SuppressionValue>$Data/PublisherName$</SuppressionValue>

        <SuppressionValue>$Data/Params/Param[1]$</SuppressionValue>

      </Suppression>

    </WriteAction>

  </WriteActions>

</Rule>