Wednesday, August 7, 2013

Native 2007 client fails to start. "Failed to load CryptInfo."

Scenerio:  Secondary client will not start it appears to be damagaed.  check the CCMExec.log and you see the following.


CCMExec.Log

Entering Certificate Maintenance
Client SSL is enabled. The current state is 0x31.
IsCertficateExportable(0x7ee388) skipping check on an MP.
Failed to load CryptInfo.
CCMValidateEncryptionCert failed. (0x80070002)
Creating Encryption Certificate...
Successfully created certifcate

Updating MP mirror key
Phase 0 initialization failed (0x80070002).
Service initialization failed (0x80070002).
Shutting down CCMEXEC...
UninitCommandExec failed (0x800401fb).
Waiting up to 2 seconds for active tasks to complete...
Finished shutting down CCMEXEC.


If you compare this to a working native machine you will see the security data is missing.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CCM\Security

Here you can then export the SingingCertificate and other security information such as "AllowRootCAHashcode".

Export fom a working client and import it to the new client, making sure they are the same. 
Win 7 to Win7 or Secondary to Secondary.

Restart the Service.  It should all now work...