Forum Discussion
Reminder: Intune-managed Win32 app delivery will be HTTPS-only, affecting Connected Cache customers
Starting today, Intune will be enforcing HTTPS-only delivery for managed Win32 app content
Why this matters for Connected Cache customers:
if HTTPS isn't configured on your cache nodes, clients that previously pulled Intune Win32 app content through Connected Cache can still download content, but those requests bypass cache nodes and fall back to CDN. This behavior can increase internet egress and bandwidth usage.
This enforcement was previously announced in February via Message Center and the Intune Tech Community blog: How to enable HTTPS support for Microsoft Connected Cache for Enterprise and Education.
Get started with the following documentation:
Configure HTTPS on your cache nodes
Validate HTTPS functionality
Additionally, you can verify Intune Win32 HTTPS enforcement on a client machine
- Open C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\AppWorkload.log.
- Find log entries that include the app download URL for the app assignment you are validating.
- Confirm the URL is HTTPS (for example, starts with https://).
- Optionally correlate with Delivery Optimization status to verify whether bytes are being served from cache versus CDN.
Configuration Manager customers
If you're using Configuration Manager distribution points with Connected Cache, review and apply the published hotfix and prerequisites: Connected Cache update for Microsoft Configuration Manager versions 2409, 2503, and 2509 (KB33247081).
If you'd find it useful, reply in this thread and we can also post a step-by-step TLS setup walkthrough video for the Connected Cache community.
3 Replies
- mr-robotoCopper Contributor
Please help! I am unable to successfully import a new SSL cert. This is a single MCC v2.0.0.2124_e with deployment scripts v1.0.24.0 using gMSA account on Windows Server 2022. Generated CSR and signed by Digicert, error message "IMPORT_RESULT: FAILED, Certificate import failed” at import.
I read there is a known issue with import using gMSA and deployment scripts v1.0.24.0. Upgraded to deployment scripts v1.0.26.0 and tried again. Received error message "IMPORT_RESULT: FAILED, ERROR: Distribution Ubuntu-24.04-Mcc is not accessible from gMSA context”.
Not sure what to do know. Do I need to re-deploy the MCC after updating deployment scripts? If so, do I need to generate another CSR? Can I use the new Digicert SSL cert that was just purchased?
- Govindarajv1Copper Contributor
Thank you for sharing this. Could you please provide a step‑by‑step TLS setup walkthrough video for the Connected Cache configuration for SCCM?
- bindumadhavaBrass Contributor
hi
You can refer to this for SCCM based MCC boxes -
https://learn.microsoft.com/en-us/intune/configmgr/hotfix/2509/33247081