I've been running SCCM for quite some time now specifically for deployments and patching of our Windows 10 workstations. We've recently decided to move our Windows Server patching into this environment as well. For the most part this has been quite successful except i am having issues with a few servers that have IIS installed with the default https on 443 binding.
After installing the SCCM agent on one of these servers i can see that the sslcert bound to port 443 has been replaced/hijaked (for lack of a better term) with a different cert. This obviously impacts existing services on the server. Upon removing the SCCM agent and re-applying the certificate again in IIS everything goes back to normal.
Is this something that anyone has encountered before? Would anyone have any suggestions as to how i could approach resolving this?
For what its worth if relevant. I'm running Version 2107. Agents are being pushed to clients from the SCCM console manually. Https communication only with internal PKI.
Wanted to ask first before looking into having to change default ports on individual servers. Haven't been really been able to come across any best practices for this scenario.
Thanks
After installing the SCCM agent on one of these servers i can see that the sslcert bound to port 443 has been replaced/hijaked (for lack of a better term) with a different cert. This obviously impacts existing services on the server. Upon removing the SCCM agent and re-applying the certificate again in IIS everything goes back to normal.
Is this something that anyone has encountered before? Would anyone have any suggestions as to how i could approach resolving this?
For what its worth if relevant. I'm running Version 2107. Agents are being pushed to clients from the SCCM console manually. Https communication only with internal PKI.
Wanted to ask first before looking into having to change default ports on individual servers. Haven't been really been able to come across any best practices for this scenario.
Thanks
