PENDING Call to HttpSendRequestSync failed for port 80 with 12175 error code

[Nilbog]

I'm setting up Configuration Manager and my management point is in a critical status. Some help with these errors would be appreciated. Attaching ccmsetup.log and mpcontrol.log.

 

[vshewale]

I'm setting up Configuration Manager and my management point is in a critical status. Some help with these errors would be appreciated. Attaching ccmsetup.log and mpcontrol.log.

Open IIS and check binding for the certificates that IIS site using. It has to be Server and Client Authentication certificate issued by domain certificate authority (CA)

 

[Nilbog]

Open IIS and check binding for the certificates that IIS site using. It has to be Server and Client Authentication certificate issued by domain certificate authority (CA)

The server was previously using a self signed cert, but a domain CA cert was issued yesterday. Attached is what I see in IIS. The first row, the cert is issued by the server. The second row, the cert is issued by the domain CA.

 

[vshewale]

The server was previously using a self signed cert, but a domain CA cert was issued yesterday. Attached is what I see in IIS. The first row, the cert is issued by the server. The second row, the cert is issued by the domain CA.

Use the second one and make sure it is dual purpose CA issued cert. Restart server or IIS and let us know.

 

[Nilbog]

Use the second one and make sure it is dual purpose CA issued cert. Restart server or IIS and let us know.

Apologies for the delay. I was waiting on somebody to request a dual purpose certificate for the server. It looks like a lot of red went away in the mpcontrol.log, but still getting the "Call to HttpSendRequestSync failed for port 80 with 12044 error code." error. Management Point is still in critical status. Any ideas of what could be causing this? Attached mpcontrol.log.

 

[vshewale]

Apologies for the delay. I was waiting on somebody to request a dual purpose certificate for the server. It looks like a lot of red went away in the mpcontrol.log, but still getting the "Call to HttpSendRequestSync failed for port 80 with 12044 error code." error. Management Point is still in critical status. Any ideas of what could be causing this? Attached mpcontrol.log.

Have you tried this?

 

[Nilbog]

Have you tired this?

All three paths give me the attached error. Attaching cert that the browser is using and verification that it's a dual purpose certification. Also attaching configuration manager site properties. I selected "HTTPS or EHTTP." Does the "Trusted Root Certification Authorities" need to be set?

 

[vshewale]

All three paths give me the attached error. Attaching cert that the browser is using and verification that it's a dual purpose certification. Also attaching configuration manager site properties. I selected "HTTPS or EHTTP." Does the "Trusted Root Certification Authorities" need to be set?

Yes. Please make sure you have all the Root CA and Intermediate certs in there.

 

[Nilbog]

Yes. Please make sure you have all the Root CA and Intermediate certs in there.

I added the root CA. There are no intermediate certs between the root and the server certificate, so I didn't add anything else. I am still getting the same error in mpcontrol.log.

 

[vshewale]

I added the root CA. There are no intermediate certs between the root and the server certificate, so I didn't add anything else. I am still getting the same error in mpcontrol.log.

Is this same one which issued the cert for MP?

 

[Nilbog]

Is this same one which issued the cert for MP?

It's worth noting that this machine is STIG'd. I changed the site communication settings to HTTPS only. Now I'm getting a "Call to HttpSendRequestSync failed for port 443 with 12030 error code" error in mpcontrol.log. This seems to be a certificate based error as well. Where all do I need to put a certificate? I see that the distribution point is using a self-signed cert, but do I need to import one instead?

 

[vshewale]

It's worth noting that this machine is STIG'd. I changed the site communication settings to HTTPS only. Now I'm getting a "Call to HttpSendRequestSync failed for port 443 with 12030 error code" error in mpcontrol.log. This seems to be a certificate based error as well. Where all do I need to put a certificate? I see that the distribution point is using a self-signed cert, but do I need to import one instead?

In that case make sure IIS binding is correct for the default web site for port 443 with CA issued cert that has dual purpose.

 

[Nilbog]

In that case make sure IIS binding is correct for the default web site for port 443 with CA issued cert that has dual purpose

In that case make sure IIS binding is correct for the default web site for port 443 with CA issued cert that has dual purpose.

The correct cert is binded in IIS. Attached is the https binding for IIS. Also attached mpcontrol.log now that I switched site communication to HTTPS only.

 

[Garth]

All three paths give me the attached error. Attaching cert that the browser is using and verification that it's a dual purpose certification. Also attaching configuration manager site properties. I selected "HTTPS or EHTTP." Does the "Trusted Root Certification Authorities" need to be set?

I wrote (or should I say rewrote it) that blog before HTTPS was a big thing. It need to be updated to handle the certs. Some day I will get around to updating it. e.g. it will work perfectly for HTTP but it needs to be update to handle HTTPS.