Getting the public part of the connectorregistrationca.msappproxy.net certificate

René Posthumus 20 Reputation points
2024-12-02T08:16:11.8833333+00:00

Hi, we are currently setting up monitoring for our Entra Private Network Connector farms. We are achieving this with SCOM, but to the point of monitoring the certificates on the machines.

They all alert on chain issues regarding the Connector Client Certificates, which are signed by the connectorregistrationca.msappproxy.net CA, which is not in the trusted issuers store. So when SCOM tries to validate the certificate, it encounters a chain issue. The certificate cannot be validated.

connectorca

The simplest solution is to download the public part of the CA, and import it in the trusted issuers store. But the thing is, that it seems that the public part is nowhere to be found on the internet.

Is there anyone out there that knows the location of it so we can download it and overcome the certificate monitoring issue? Or any other solution/workaround?

Thank you in advance!

René

Operations Manager
Operations Manager
A family of System Center products that provide infrastructure monitoring, help ensure the predictable performance and availability of vital applications, and offer comprehensive monitoring for datacenters and cloud, both private and public.
1,515 questions
Microsoft Entra Private Access
Microsoft Entra Private Access
Microsoft Entra Private Access provides secure and deep identity-aware, Zero Trust network access to all private apps and resources.
69 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,645 questions
{count} votes

Accepted answer
  1. Givary-MSFT 34,521 Reputation points Microsoft Employee
    2024-12-02T12:09:10.99+00:00

    @René Posthumus Thank you for your patience. I discussed this issue with my team, and they recommend excluding that certificate from verification. Since it’s not necessary for you to validate it, we can take care of the validation on our end once it is used.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.