ImportPFXCertificate failed: Access is denied.

Dear

We have the following error when importing the certificate for the gateway server:

Enter certificate password:
        The certificate is valid, but importing it to certificate store failed.
        Error description: Access is denied.
        Error code:80070005

        ImportPFXCertificate failed: Access is denied.
        Error code: 80070005

This did not solve my issue: http://thoughtsonopsmgr.blogspot.be/2009/09/momcertimportexe-tool-error-application.html

This neither solves my issue: http://www.computerperformance.co.uk/Logon/code/code_80070005.htm

We're running the SCOM 2012 SP1 Gateway on top of a Windows 2012.
I'm enterprise admin, local admin, I changed the rights in the registry, in DCOM, policies, disabled UAC ..., nothing helps.
The certificate chain is OK, DNS too.

Thanks for the feedback.
Regards.

July 4th, 2013 10:40am

Try using the MOMCertImport to remove the old certificate, after it's removed, simply import the new one:

The solution is for SCOM 2007 R2, but it may be worth a try:

http://technet.microsoft.com/en-us/library/bb735418.aspx

Free Windows Admin Tool Kit Click here and download it now
July 4th, 2013 10:47am

Hi 

refer below links 

http://social.technet.microsoft.com/Forums/systemcenter/en-US/33031d37-93eb-44ef-ac41-4e4f9bc9d1af/renewing-an-expiring-cert-on-server-in-dmz-failing

http://kevingreeneitblog.blogspot.in/2011/08/using-internal-certificates-with-scom.html

R

July 4th, 2013 10:57am

Thanks.

I used the /remove and this removed the registry part. I checked the certificate store: no certificate. However, when I try to import the cert, I get the same error.

Peter

Free Windows Admin Tool Kit Click here and download it now
July 4th, 2013 11:03am

Thanks.

I used the /remove and this removed the registry part. I checked the certificate store: no certificate. However, when I try to import the cert, I get the same error.

Great, since it's now removed, refer back to this link and check to see if the solution provided works now:

http://www.computerperformance.co.uk/Logon/code/code_80070005.htm

If it doesn't, consider the information detailed in the following article as well:

http://myitforum.com/myitforumwp/2011/11/04/smp-failed-to-import-the-client-certificate-store-0x80070005/


July 4th, 2013 11:12am

Thanks !

Adding system to the MachineKeys folder solved the issue.

Regards.
Peter

Free Windows Admin Tool Kit Click here and download it now
July 5th, 2013 3:56am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics