Submit a ticketCall us

AnnouncementsFace your biggest database issues head-on

Our new eCourse helps you navigate SQL Server performance blocks by teaching you how to recognize and deal with the three DBA Disruptors: Performance Hog, Blame Shifter, and Query Blocker. Register today to learn how to defend your environment and fend off menacing disruptions.

Register for your free eCourse.

Home > Success Center > Patch Manager > Patch Manager - Knowledgebase Articles > Patch Manager installation error: Over Certificate limit

Patch Manager installation error: Over Certificate limit

Overview

Patch Manager displays one of the following error messages when you attempt to retrieve WSUS or computer information, run reports, or perform configuration management tasks:

All management servers are unavailable for management group. 200 certificates
Setup has detected that the certificate count in the ‘Trusted Root Certificate Authorities’ store exceeds 200

You may also see errors that indicate the "RPC Server is Too Busy," or installation errors due to too many certificates.

Environment

All Patch Manager versions

Cause

Too many certificates are installed in the Patch Manager server's Trusted Root Certification Authorities certificate store.

If there are more than 200 certificates in this store, Microsoft's algorithm for searching and scanning the store fails. Patch Manager warns you during installation and upgrades if you are over this limit. However, it returns the previous error message if you add new certificates and exceed the limit after you have installed Patch Manager.

Resolution

Reduce the number of certificates on your Patch Manager server. The following are examples of certificates that are generally considered safe to delete:

  • Expired certificates
  • Unknown foreign certificates
  • Certificates with a key-length of 1024 bits or smaller

The snap-in lists the certificates in the center pane, and displays the total number of certificates in the status bar at the bottom of the MMC window.

  1. Open the Run dialog box on the affected Patch Manager server and enter:
    mmc.exe
  2. In the Console window, press Ctrl+M to add a new snap-in:
    1. In the Add or Remove Snap-ins window, select Certificates in the left pane, and then click Add.
    2. In the Certificates snap-in dialog box, select Computer account, and then click Next.
    3. In the Select Computer screen, select Local computer, and click Finish.
    4. In the Add or Remove Snap-ins window, click OK.
  3. Expand Certificates (Local Computer) > Trusted Root Certification Authorities, and then select Certificates in the navigation pane.
  4. Delete all unneeded certificates until the total number of certificates is around 180:
    1. In the center pane, select the certificate(s) you want to delete. Use Ctrl+click to select multiple certificates.
    2. Click the Action menu and select Delete.
    3. In the confirmation dialog box, click Yes to delete the certificate.

 

 

Last modified

Tags

Classifications

Public