@René Posthumus Thank you for your patience. I discussed this issue with my team, and they recommend excluding that certificate from verification. Since it’s not necessary for you to validate it, we can take care of the validation on our end once it is used.
Getting the public part of the connectorregistrationca.msappproxy.net certificate
Hi, we are currently setting up monitoring for our Entra Private Network Connector farms. We are achieving this with SCOM, but to the point of monitoring the certificates on the machines.
They all alert on chain issues regarding the Connector Client Certificates, which are signed by the connectorregistrationca.msappproxy.net CA, which is not in the trusted issuers store. So when SCOM tries to validate the certificate, it encounters a chain issue. The certificate cannot be validated.
The simplest solution is to download the public part of the CA, and import it in the trusted issuers store. But the thing is, that it seems that the public part is nowhere to be found on the internet.
Is there anyone out there that knows the location of it so we can download it and overcome the certificate monitoring issue? Or any other solution/workaround?
Thank you in advance!
René
-
Givary-MSFT 34,526 Reputation points Microsoft Employee
2024-12-02T12:09:10.99+00:00