5 Replies Latest reply on May 15, 2009 3:20 PM by medriver

    Creating Broker Cert Script


      Hello All,


      I have about 30-50 laptops in house that were already existing with LDClient before we got our LD Management gateway, and I've been updating clients, and attempting to get the broker cert installed.


      I'm trying to use the pre-packaged broker cert script and it is erroring out on every computer that I'm attempting to install the cert on.


      unknown status code (0x8010002D,16:45)


      That's the error code that I am receiving.  Anyone have any clues or hints in what direction I can wander to figure this out?

        • 1. Re: Creating Broker Cert Script

          Is your scheduler account configured to use an account that is in the managementsuite group on your core server?  If not I would start by changing that.

          • 2. Re: Creating Broker Cert Script

            Well this is interesting.  I tried your suggestion Ty, as I had not put that particular service account into the management group and tried again.  It still didn't post a cert, same error.


            So I decided to attempt to create a cert on my local PC, just to see if it even worked with the brokerconfig.exe gui and everything.  Put in a user with correct access and it just timed out with, "failed to retrieve certificate".

            And I thought this machine had the cert from a long time ago, but apparently not, it listed as "the client certificate is not present.  press send to retrieve a certificate".


            So apparently I haven't been passing out certs?... Looks like its time to contact support probably.

            • 3. Re: Creating Broker Cert Script

              in your certs folder on your clients do you have a bunch of .0 files.  If you delete\move all of them except for the one that is in the ldlogon dir on the core server does it work.  Assuming you have the proper cert posted to your GW.

              • 4. Re: Creating Broker Cert Script

                I tried that by cleaning up the certs and no dice.


                I also went through the troubleshooting guide for the management gateway in general and everything as far as communication and testing worked out.


                The only thing I can think of, well a question rather, is how does the client go to get the certificate?  Does it go to the outside address of the management gateway and pull it from there?  If it does, that would make sense as to why its failing as we happen to have all internal loop-backs blocked internally.

                • 5. Re: Creating Broker Cert Script

                  I just ran into this same issue. I was able to resolve it by restarting the mangement gateway service on the core. I am now able to push out broker certs without issue.