07 September 2016

Asset Intelligence | SCCM | Expired credentials/certificate/token | Need to re-provision online account

This one is a nice and easy one.
If you're using SCCM 2012 and you're wanting to leverage the Asset Intelligence site role, you will most likely encounter the following error message if you haven't been assigned a certificate from Microsoft.

When you go through the initial setup, it will ask you to add the location of a .pfx file which would have been supplied by Microsoft.  In order to resolve this and allow SCCM to connect to the Microsoft Database, you will need to obtain a certificate.  This can be downloaded from a Microsoft Hotfix (https://support.microsoft.com/en-us/kb/3060648).  You can also obtain a certificate from your Microsoft account rep.  

You will need to extract these files and then you will find the certificate file.

Once you have this certificate, you will simply need to add it into the properties for the Site Service Role:

After you have updated this setting so it's using the certificate, you will then need to disable and then re-enable the Asset Intelligence Sync point.  Simply un-tick this, apply, then re-tick and apply again.


  1. Have you ever got that cert? I'm pretty sure they stopped doing that years ago. You can just grab a cert from the hotfix and import it.

  2. Yep, that's right. You can use either, or.

    Hotfix is available here: https://support.microsoft.com/en-us/kb/3060648