Jun 16 2022 10:10 AM
On Monday, I upgraded Endpoint Manager to version 2203. Everything appears to be working fine on the server itself. We only have one Endpoint Manager server with SQL collocated. After upgrading the Endpoint Manager console on remote systems, I am having some errors. When I go to the Console Extensions node or the Console Connections under Administration, I receive the following message
Configuration Manager can’t connect to the administration service
The Configuration Manager console can’t connect to the site database through the administration service on <ServerFQDN>
Verify the following
There’s no certificate on the SMS Provider site system server. Make sure it has a valid PKI or Configuration Manager-generated certificate for the site.
Additionally, It looks like until I’m able to make this connection I can’t update the WebView2 extension and without that extension the console crashed with I try to access the Windows Servicing and Microsoft Edge Management nodes under Software library.
If I manually import the self sign certificate from Endpoint Manager (we are not using PKI) into the Trusted People container in the Certificates MMC on the remote systems then the console works correctly. I’d prefer not to band aid this problem but instead fix it.
I’ve tried the following that I found on blog posts to resolve this issue but all with no success
The SmsAdminUI.log file show the following entries:
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Failed to get a response for OData GET request: https://<ServerFQDN>/AdminService/v1.0/ConsoleExtensionMetadata?$filter=IsRequired eq true and IsTombstoned eq false and IsApproved eq true
Could not connect to the AdminService to check for requirements.
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Failed to get a response for OData GET request: https://< ServerFQDN>/AdminService/v1.0/ConsoleExtensionMetadata?$filter=IsApproved eq false
Error getting custom console extensions IDs, versions and names using Admin Service: SSLFailure
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Failed to get a response for OData POST request: https:// <FQDN>//AdminService/v1.0/ConsoleUsageData/AdminService.UpdateConsoleHeartbeat
Microsoft.ConfigurationManagement.ManagementProvider.ODataConnectionException: SSLFailure
At this point, I don’t know where to go next. Any help would be greatly appreciated.
Jun 29 2022 11:26 AM
Hello @RyanD79 , I'm having the same issue. Did you find a solution yet?
Aug 17 2022 07:08 AM
Hi @RyanD79, did you ever figure this out? I have just installed 2203 and are having the same issues.
Cheers
Jan 27 2023 03:32 AM
Jan 29 2023 09:15 PM
@shiv198908, can uninstall the console and reinstall. With webview2 if the latest one is not installed or there is permission issue you might have challenges.
Jan 30 2023 06:06 AM - edited Jan 30 2023 06:26 AM
@shiv198908 This was due to a certificate error in Configuration Manager version 2203. Microsoft eventually pushed out a hotfix via the configuration manager console specifically for this issue. Prior to the update being released, I copied the certificate from my configuration manager server to my local workstation and that temporarily resolved the issue for me.
I've upgraded to version 2207 since then with no issues but looking at a list of the hotfixes for ConfigMgr 2203, I'm pretty sure it was hotfix KB14480034. It looks like that update was rolled into KB14244456.
Jan 30 2023 06:27 AM
Jan 30 2023 07:05 AM
Jan 30 2023 07:11 AM
Apr 03 2023 11:46 AM