cannot caf ping from agent

Document ID : KB000103558
Last Modified Date : 12/07/2018
Show Technical Document Details
Issue:
caf ping fails to another system or Scalability Server but CAM Ping works
 
Environment:
Any supported ITCM / ITCA environment
Cause:
This can happen if different install sources are used or if the DM has deployed packages that were not replaced with custom ones from the DVD after updating the image certificates. You can confirm the issue by comparing the serial numbers in the output of the following command on a working and non-working system:

cacertutil -v

The self-signed certificates will always be unique an not relevant to this check but the other certificates should have matching certificate serial numbers between systems as well as matching subject names.
Resolution:
To resolve a repair of the installation using the correct custom certificate install source should be done.  Just rename or delete the \ca\sc\cbb folder and run setup again for the correct source and a new folder with the custom certificates will be made. After this is done that agent should have no trouble communicating again.