Potential Bug: Pushing a VMM Agent to an Infrastructure server existing certificate bindings are replaced
When pushing a VMM 2016 UR4 agent to an infrastructure server. If the infrastructure server has an existing certificate bound to HTTPS, example RDSGateway and Network Controller. The agent installation will remove the existing certificate binding when setting up BITS.
Jose Gonzalez commented
This is is the exact same issue we have experienced in our environment. I was able to recreate the problem by uninstalling the vmm agent and then reinstalling. In our case this is affecting our Configuration Manager Distribution Points. Anytime the vmm agent gets installed or updated it deletes the HTTPS cert that we have bound to port 443 for SCCM. When the cert gets deleted, the SCCM clients can no longer communicate with the DP's. We have to login to the servers and manually bind the cert again to port 443.
I noticed in the Event logs that when the vmm agent gets installed it uses this command line:
MSI (s) (68:D8) [09:22:10:465]: Command Line: WSMANPORT=5985 BITSPORT=443 REBOOT=ReallySuppress CURRENTDIRECTORY=C:\Windows\system32 CLIENTUILEVEL=3 MSICLIENTUSESEXTERNALUI=1 CLIENTPROCESSID=3788
Anyhow all this to say that we need this bug fixed.