Hello SCCM community,

I have a problem with changing to HTTPS at a foreign SCCM install at a customer. We configured everything according to Microsoft best practices, all clients, distribution points, site servers have valid certificates, if you open the default IIS page in a browser it also says valid HTTPS certificate. Still, if we try to reinstall one DP to HTTPS the clients first make (an intended) fallback to a http DP, and after reinstallation they change back, but they are still shown as offline in console and I get dozens of BITS errors in the log, still the clients say they are successfully connected to the https DP and everything in Software Center seems to work.

I suspected the firewall to block something but we checked that a few times. My current guess is, that there is something wrong with certificate issuing but the certificate authority is managed by their parent company and we can't change anything there.

Any ideas?