Problem description:
Microsoft has published a new RDP certificate that uses the FQDN as certificate name. This causes MES module authentication errors when trying to communicate with the SSL certificate of the server since the two certificates carry the same name.
The modules get stuck during startup and will not work.
Affected modules are:
- AccessControl
- Orchestration
- MSS
- API Proxy
- further modules are being investigated and will be updated here
The new certificate is only being deployed to "Windows Server 2022" installations which means other installations are not affected by the issue. The other server versions will only be updated in 2025.
Workaround:
In order to workaround the issue and get the modules starting correctly:
- Go to the option "manage computer certificates" and follow the path shown in the screenshot
- manually remove the new RDP certificate (FQDN and intended purpose = Remote Desktop Authentication)
- Restart the stuck services
The RDP certificate will automatically be added again after 90 minutes. This means the procedure needs to be repeated in case of service restarts or server restarts
Permanent fix:
BCI is currently investigating on all potentially affected modules. This post will regularly be updated and fix information will be added here.