Expired SCVMM certificate
In SCVMM 2012 R2 we suddenly couldn’t deploy VMs from a template, install “Virtual Guest Services Tools”, etc. All jobs failed with the following:
Error (2912)
An internal error has occurred trying to contact the server.domain.com server: NO_PARAM: NO_PARAM.
WinRM: URL: [http://server.domain.com:5985], Verb: [INVOKE], Method: [GetError], Resource: [http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/bits/BitsClientJob?JobId={62469246-350C-4ADE-A0BE-80D9E30C382D}]
Unknown error (0x80072f05)
Recommended Action
Check that WS-Management service is installed and running on server server.domain.com. For more information use the command “winrm helpmsg hresult”. If server.domain.com is a host/library/update server or a PXE server role then ensure that VMM agent is installed and running. Refer to http://support.microsoft.com/kb/2742275 for more details.
We verified that we could connect to “server.domain.com” on TCP 5985 from the VMM server.
[PowerShell]:
tnc server.domain.com -Port 5985
Checking the self-signed certificate on the VMM server it showed that it was expired. (01.01.2018)
Resolution:
Delete the expired certificate from the VMM server’s Personal Store and create a new one:
[PowerShell]:
$credential = get-credential
Get-VMMManagedComputer -ComputerName “VMM-Server.domain.com” | Register-SCVMMManagedComputer -Credential $credential
You will now get a new certificate which is valid for 5 years.
Thank you! Had the same error, couldn’t create new VMs. Might have figured out the cert had expired eventually but probably not the register command to regenerate it.
https://support.microsoft.com/en-us/help/4086006/renew-certificates-in-system-center-2012-r2-virtual-machine-manager
The powershell commands didn’t work for me, I had to use the MS tool from the link above to resolve this
Once the certificate has been renewed/recreated, are there any additional steps required on the hosts? Will I need to install the cert in each host’s Trusted Root Authority stores?
There is no additional steps. Just create the new certificate on the VMM server and you are good to go.
We are not able to renew/recreate certificate through this command, Can any one help here, that how we can renew these SCVMM certificate on Rollup update -11
On below it says , install the rollup update 14, but is there any way to do it on rollup 11.
https://support.microsoft.com/en-us/help/4086006/renew-certificates-in-system-center-2012-r2-virtual-machine-manager.
Help is highly appreciated
So the cmdlets didn’t work for you? Have you considered installing the latest rollup?
There is a mistake:
wrong: Get-VMMManagedComputer
right: Get-SCVMMManagedComputer
$credential = get-credential
Get-SCVMMManagedComputer -ComputerName “VMM-Server.domain.com” | Register-SCVMMManagedComputer -Credential $credential
If you find the commandlet doesn’t work, realize there is a “Virtual Machine Manager Command Shell” version of Powershell on the server.
Both the cert deleted and the command can be run on the same server.
I was not able to Provision VMs using PVS server and it turned out to be due to expired cert.
Reviewed the above steps and followed the steps from –
https://techcommunity.microsoft.com/t5/system-center-blog/i-accidentally-deleted-the-vmm-self-signed-certificate-from-the/ba-p/348080
Issue resolved. Thank you all tech volunteers!!!!
Reading this article made me very inspired, thank you so much for writing such a great article, I will definitely follow your blog and read every article you write.