Connection Error after upgrading to version 2203

New Contributor

On Monday, I upgraded Endpoint Manager to version 2203. Everything appears to be working fine on the server itself. We only have one Endpoint Manager server with SQL collocated. After upgrading the Endpoint Manager console on remote systems, I am having some errors. When I go to the Console Extensions node or the Console Connections under Administration, I receive the following message

 

Configuration Manager can’t connect to the administration service

The Configuration Manager console can’t connect to the site database through the administration service on <ServerFQDN>

Verify the following
There’s no certificate on the SMS Provider site system server. Make sure it has a valid PKI or Configuration Manager-generated certificate for the site.

 

 

Additionally, It looks like until I’m able to make this connection I can’t update the WebView2 extension and without that extension the console crashed with I try to access the Windows Servicing and Microsoft Edge Management  nodes under Software library.

 

If I manually import the self sign certificate from Endpoint Manager  (we are not using PKI) into the Trusted People container in the Certificates MMC on the remote systems then the console works correctly.  I’d prefer not to band aid this problem but instead fix it.

 

I’ve tried the following that I found on blog posts to resolve this issue but all with no success

 

  • Made sure that “Use Configuration Manager-generated certificates for HTTP site system” is enabled
  • Made sure no certificates are block in Configuration Manager
  • I’ve checked the SSL Certificate on the Default Website and it is the self signed certificate from Endpoint Manager.
  • Turned off Windows Firewall
  • Reviewed the SmsAdminUI.log file.

 

The SmsAdminUI.log file show the following entries:

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

Failed to get a response for OData GET request: https://<ServerFQDN>/AdminService/v1.0/ConsoleExtensionMetadata?$filter=IsRequired eq true and IsTombstoned eq false and IsApproved eq true

Could not connect to the AdminService to check for requirements.

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

Failed to get a response for OData GET request: https://< ServerFQDN>/AdminService/v1.0/ConsoleExtensionMetadata?$filter=IsApproved eq false

Error getting custom console extensions IDs, versions and names using Admin Service: SSLFailure

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

Failed to get a response for OData POST request: https:// <FQDN>//AdminService/v1.0/ConsoleUsageData/AdminService.UpdateConsoleHeartbeat

Microsoft.ConfigurationManagement.ManagementProvider.ODataConnectionException: SSLFailure

 

 

At this point, I don’t know where to go next. Any help would be greatly appreciated.

2 Replies

Hello @RyanD79 , I'm having the same issue. Did you find a solution yet?