SSL error when trying to register a Windows workstation into the ZCM zone

  • 7002409
  • 21-Jan-2009
  • 27-Apr-2012

Environment

Novell ZENworks 10 Configuration Management with Support Pack 1 - 10.1 Registration

Situation

When the ZCM Agent tries to register into the ZCM zone, the following error occurs :
 
Registration Manager - Network error with the server : The underlying connection was closed : Could not establish trust relationship for the SSL/TLS secure channel.
 

Resolution

Something is wrong with the ZCM server certificate stored on the workstation and that's why the ZCM Agent cannot register into the ZCM zone.  To solve this problem, the ZCM server certificate stored on the workstation must be deleted and recreated :
 
1.  Uninstall the ZENworks Agent and CASA
2.  Execute "certmgr.msc". Select "Trusted Root Certification Authorities" and then "Certificates". There, delete the ZCM server certificate (it will appear under the ZCM server name)
3.  Reboot the Windows workstation
4.  Reinstall the ZENworks Agent and CASA
 

Additional Information

Most likely, the reason why this problem occured in the first place is because the ZCM Primary server had been reinstalled from scratch with the same name. This resulted in a new certificate being created during the reinstallation of the ZCM Server, but with the same name as the old certificate. The workstations with the old certificate would not get the new certificate since they "already had it". An easy way to solve this issue is to manually delete the old certificate to let the ZENworks agent get the new certificate.