Skip to main content

MOMCertImport.exe Catastrophic Failure

By May 18, 2015September 9th, 2020Blog

I ran into this one while setting up a SCOM 2012 R2 Gateway server. When importing the .pfx using MOMCertImport.exe I received the following error:

The certificate is valid, but importing it to certificate store failed.

Error description: Catastrophic failure

Error code:8000FFFF

ImportPFXCertificate failed: Catastrophic failure

Error code: 8000FFFF

Turns out, this was a result of leaving the “Include all certificates in the certification path if possible” box checked when performing the certificate export. After re-exporting and unchecking that box, I was able to import the certificate without issue.

Shane Skriletz, PEI

One Comment

  • baltazar guerra de sousa says:

    To renew the certificate on the SCOM Management Server or Gateway server, follow the following steps:

    Request a certificate from your certificate authority using the Operations Manager Template and install it on the SCOM Management Sever.
    Check in the MMC console that the newly installed certificate has “Server Authentication” and “Client Authentication” by double clicking the certificate > Details > Enhanced Key Usage.
    Export the generated certificate from the Certificates console and select “Yes, export the private key” on the first page of the wizard.
    Save the certificate as .PFX file, and specify a password for it.
    Remove the old imported certificates from System Center Operations Manager with the command “MOMCertImport.exe /Remove”.
    Install the new certiicate with the following command line: “MOMCertImport.exe C:\cert.pfx /Password P@ssw0rd”.
    Check if the registry value “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\MachineSettings\ChannelCertificateSerialNumber” of Serial Number matches that you see in the Properties page of the certificate (the string is in a reverse order).
    Restart the System Center Operation Manager health services on the Management Server and/or Gateway Servers to see if the update is succeeded.

Leave a Reply