Home
  •  

IPsec cert missing

Microsoft.Windows.RemoteAccess.2012.Monitor.DA_IPSEC_HEURISTIC_MISSING_CERT (UnitMonitor)

There is no valid certificate to be used by IPsec which chains to the root/intermediate certificate configured to be used by IPsec in the DirectAccess configuration.

Knowledge Base article:

Summary

There is no valid certificate to be used by IPsec which chains to the root/intermediate certificate configured to be used by IPsec in the DirectAccess configuration.

Causes

The certificate has not been installed or is not valid.

Resolutions

Please ensure that a valid certificate is present in the machine store and DA server is configured to use the corresponding root certificate.The valid certificate must satisfy the following:

a. Should not be expired.

b. Should have a private key.

c. Should be configured to be used for Client authentication.

d. Should chain to the configured root/intermediate cert.

Element properties:

TargetMicrosoft.Windows.RemoteAccess.2012.Class.IPSec
Parent MonitorSystem.Health.ConfigurationState
CategoryCustom
EnabledTrue
Alert GenerateTrue
Alert SeverityError
Alert PriorityNormal
Alert Auto ResolveTrue
Monitor TypeMicrosoft.Windows.RemoteAccess.2012.Monitor.HeuristicMonitorType
RemotableTrue
AccessibilityPublic
Alert Message
IPsec cert missing
Error Description - {0}
Error Cause - {1}
Error Resolution - {2}
RunAsDefault

Source Code:

<UnitMonitor ID="Microsoft.Windows.RemoteAccess.2012.Monitor.DA_IPSEC_HEURISTIC_MISSING_CERT" Accessibility="Public" Enabled="true" Target="Microsoft.Windows.RemoteAccess.2012.Class.IPSec" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Microsoft.Windows.RemoteAccess.2012.Monitor.HeuristicMonitorType" ConfirmDelivery="true">

  <Category>Custom</Category>

  <AlertSettings AlertMessage="Microsoft.Windows.RemoteAccess.2012.Monitor.DA_IPSEC_HEURISTIC_MISSING_CERT_AlertMessageResourceID">

    <AlertOnState>Warning</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>Error</AlertSeverity>

    <AlertParameters>

      <AlertParameter1>$Data/Context/DataItem/Property[@Name='ErrorDesc']$</AlertParameter1>

      <AlertParameter2>$Data/Context/DataItem/Property[@Name='ErrorCause']$</AlertParameter2>

      <AlertParameter3>$Data/Context/DataItem/Property[@Name='ErrorResolution']$</AlertParameter3>

    </AlertParameters>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="UIGeneratedOpStateId637504511c9240079cbb7cf342101424" MonitorTypeStateID="Error" HealthState="Error"/>

    <OperationalState ID="UIGeneratedOpStateId2da624a453614663a8cdc9d4e62be99a" MonitorTypeStateID="Warning" HealthState="Warning"/>

    <OperationalState ID="UIGeneratedOpStateId132a8f9e0ccd46ed9ca4c1c82d4c3b3a" MonitorTypeStateID="Healthy" HealthState="Success"/>

  </OperationalStates>

  <Configuration>

    <Interval>300</Interval>

    <SyncTime/>

    <ComponentName>IPsec</ComponentName>

    <HeuristicId>2148073476</HeuristicId>

  </Configuration>

</UnitMonitor>