Home
  •  

Certificate tool CertUtil.exe compatibility

SystemCenterCentral.Utilities.Certificates.CertUtil.Supported.Monitor (UnitMonitor)

The "PKI Certificate Validation" management pack uses the command line tool CertUtil.exe to disocver and monitor locally installed computer certificates. If this tool is not installed or the OS language is not supported, the management pack will fail to discover the certificates.

Knowledge Base article:

Summary

The command CertUtil.exe on this computer is not availabe or not installed on this computer. It is required by the PKI Certificate Validation Management Pack. The Management Pack supports the following Operating System languages:

Resolutions

On Windows XP, CertUtil.exe may be installed from the Windows Server 2003 Administration Pack. See the resolution for KB 934576 about this.

On Windows 2000, the Windows Server 2003 CertUtil.exe has to be installed locally to %programfiles%\certutil. When montoring WinNt Service certificates on Server 2003, Windows Server 2008 CertUtil.exe binaries to %programfiles%\certutil. See the Management Pack release notes for details.

If you require the management pack to support an additional language, please contact the authors. Contact details are found in the Management Pack guide.

Element properties:

TargetMicrosoft.Windows.OperatingSystem
Parent MonitorSystem.Health.ConfigurationState
CategoryConfigurationHealth
EnabledTrue
Alert GenerateTrue
Alert SeverityMatchMonitorHealth
Alert PriorityNormal
Alert Auto ResolveTrue
Monitor TypeMicrosoft.Windows.2SingleEventLog2StateMonitorType
RemotableTrue
AccessibilityInternal
Alert Message
Certificate tool CertUtil.exe is not compatible
CertUtil.exe is either not present on this computer or the OS language is not supported by the "PKI Certificate Validation" management pack.
RunAsDefault

Source Code:

<UnitMonitor ID="SystemCenterCentral.Utilities.Certificates.CertUtil.Supported.Monitor" Accessibility="Internal" Enabled="onEssentialMonitoring" Target="Windows!Microsoft.Windows.OperatingSystem" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLog2StateMonitorType" ConfirmDelivery="true">

  <Category>ConfigurationHealth</Category>

  <AlertSettings AlertMessage="SystemCenterCentral.Utilities.Certificates.CertUtil.Supported.Monitor_AlertMessageResourceID">

    <AlertOnState>Warning</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>MatchMonitorHealth</AlertSeverity>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="FirstEventRaised" MonitorTypeStateID="FirstEventRaised" HealthState="Warning"/>

    <OperationalState ID="SecondEventRaised" MonitorTypeStateID="SecondEventRaised" HealthState="Success"/>

  </OperationalStates>

  <Configuration>

    <FirstComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>

    <FirstLogName>Operations Manager</FirstLogName>

    <FirstExpression>

      <And>

        <Expression>

          <RegExExpression>

            <ValueExpression>

              <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

            </ValueExpression>

            <Operator>MatchesRegularExpression</Operator>

            <Pattern>^300(4|5)$</Pattern>

          </RegExExpression>

        </Expression>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="String">PublisherName</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="String">Health Service Script</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="String">Params/Param[1]</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="String">SystemCenterCentral.Utilities.Certificates.LocalScriptProbe.vbs</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

      </And>

    </FirstExpression>

    <SecondComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>

    <SecondLogName>Operations Manager</SecondLogName>

    <SecondExpression>

      <And>

        <Expression>

          <RegExExpression>

            <ValueExpression>

              <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

            </ValueExpression>

            <Operator>MatchesRegularExpression</Operator>

            <Pattern>^300(1|2)$</Pattern>

          </RegExExpression>

        </Expression>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="String">PublisherName</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="String">Health Service Script</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="String">Params/Param[1]</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="String">SystemCenterCentral.Utilities.Certificates.LocalScriptProbe.vbs</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

      </And>

    </SecondExpression>

  </Configuration>

</UnitMonitor>