IT Monkey:    
Effective January 30, 2018 this app has been retired by Cireson. Cireson will no longer provide future feature updates, security patches, or support. However, the functionality you know and love has been enhanced and integrated into the new True Control Center.

To get the most of out of your System Center investment and to ensure compatibility with other software applications and systems, we recommend you take advantage of the True Control Center. Take it for a test drive in our online demo lab or request a free 30-day trial.

SSL in Remote Manage

Austin_WongCarterAustin_WongCarter Customer IT Monkey ✭
edited April 2017 in Remote Manage
I saw that SSL is enabled in Remote manage, but I am having trouble making it work because the FQDN is the Common Name in a computer certificate. 

I can connect to the computer using the FQDN, but It won't give me any information from the SCCM Server, OR I can connect to the computer using ComputerName and it will pull the Device collections, but give an error:
"The SSL certificate contains a common name (CN) that does not match the hostname." and not populate any information from the computer itself.

Any ideas?


  • jtuffinjtuffin Member IT Monkey ✭
    I too have the same issue. We have WinRM locked down to SSL only so we are forced to use SSL.

    Like you mentioned if I enter the FQDN of the machine it connects but then SCCM won't find the object. If I try to connect without the FQDN SCCM finds the object but Remote Manage fails to connect because of the mismatch to the certificate.

    A solution to this would be great so we can trial this tool.


  • Austin_WongCarterAustin_WongCarter Customer IT Monkey ✭
    I've been debating trying to create a cert that would include the NetBIOS name as an alternative name, I think that would work, but I'm not sure security would like it.
  • Hi guys,

    I honestly don't know that answer to this, but will ask the dev of the tool who implemented the SSL support if he knows how that is to work. Either he or I will update when we have something else to share.

  • F_ChristiansenF_Christiansen Cireson Dev Advanced IT Monkey ✭✭✭
    Hi guys,

    Wally pinged me on this and you are right; there is an issue with getting collections and inventory data from ConfigMgr when using SSL with FQDN as specified client name.

    The suggest @Austin_WongCarter has with a certificate including the netbios name would solve it if such certificate can be created.
    The problem is that ConfigMgr expects a netbios name for the client and we are not converting the FQDN into that currently.

    We will fix this issue in an upcoming release.

    Best regards
    Flemming Appelon Christiansen
This discussion has been closed.