Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Server & Application Monitor (SAM) > AppInsight for Exchange: WinRM testing failed with due to an expired SSL certificate

AppInsight for Exchange: WinRM testing failed with due to an expired SSL certificate

Created by Tiarnan Stacke, last modified by Hunter Johnson on Oct 24, 2016

Views: 231 Votes: 1 Revisions: 6

Overview

An already monitored AppInsight for Exchange Server, or a Server which is being attempted to add into monitoring fails with the following error:

WinRM testing failed with the following error:

Connecting to remote server XXX.XXX.XXX.XXX failed with the following error message: The server certificate on the destination computer (XXX.XXX.XXX.XXX:5986) has the following errors: The SSL certificate is expired.

 

On the Exchange Server, MMC can be used to view the expired Certificate:

  1. Click Run, then type type MMC.
  2. Go to File > Add/Remote Snap-in.
  3. Select Certificates then click Add.
  4. Select the Computer Account option.
  5. In the left-hand pane, expand Certificates > Personal > Certificates.

The certificate which Orion created can be seen with the following naming convention: xxx.xxx.xxx.xxx_Solarwinds_Zero_Configuration. You can view the Expiration Date from the Certificate from this Window

Environment

SAM 6.1 and later

Cause 

The SSL certificate which the Exchange is attempting to use has expired.

Resolution

Remove the existing WinRM listener that is using the expired certificate:

  1. Open an elevated command prompt or PowerShell prompt.
  2. View the currently existing listener with the following command:
     winrm get winrm/config/listener?Address=*+Transport=HTTPS
  3. The CertificateThumbprint will match what is seen on the certificate.
  4. To remove the listener use the following command:
    winrm delete winrm/config/Listener?Address=*+Transport=HTTPS

 

Remove the expired certificate with MMC

  1. Click Run, then type MMC.
  2. Go to File > Add/Remote Snap-in.
  3. Select Certificates then click Add.
  4. Select the Computer Account option.
  5. In the left-hand pane, expand Certificates > Personal > Certificates.
  6. Right-click the certificate which should be named as follows: xxx.xxx.xxx.xxx_Solarwinds_Zero_Configuration.
  7. Click Delete.

 

Recreate the certificate and the WinRM Listener.

  • Re-run the automatic configuration via Edit Application Monitor for AppInsight for Exchange, or
  • Perform the manual configuration steps for the certificate and the WinRM listener.

 

**If the above does not resolve the issue make sure the certificate if assigned to the HTTPs binding in IIS.

 

Last modified
16:51, 24 Oct 2016

Tags

Classifications

Public