Hi everyone I renew my SCOM Agents for DMZ servers, for that I created a text file name request.inf with the following information inside: [Version] Signature= “$Windows NT$” [NewRequest] RenewalCert= Thumbprint of the certificate” Then I ran certreq -new request.inf certnew.req My DMZ servers do NOT have any connectivity with my Stand Alone CA (windows 2008 R2), so, I copy the certnew.req to the CA nad using the MMC I submited a new request using that file (certnew.req). I Aproved the new request and then, using the CA MMC, I selected the new Cert properties-details tab and choose copy to file. During this process, I noticed that wasn't allowed to export the private Key, but anyway, I imported the new cert in the destination server. The cert is ok, except that I need to export the cert from the DMZ server with the private Key, but when I select "Export" to export the cert (to use it with the MOMCertImport.exe) I don't have the option to export the private key. So my question is, in this scenario, how can I export the private Key?

Anyone? Can anyone explain how to proprely renovate the certs in SCOM agents in DMZ? I'm having trouble to make this thing working... My last error was: The specified certificate could not be loaded because the Key Usage specified does not meet OpsMgr requirements. The certificate must have the following usage types: Digital Signature Key Encipherment How can I include this in the cert renovation? I though that [NewRequest] RenewalCert= Thumbprint of the certificate” Was enough to renovate an additional Cert equal to the existing one...

Hi, Regarding this error, please try the methods in the following article: When you try to install a System Center Operations Manager 2007 agent on a workgroup computer without using a gateway server, Operations Manager 2007 cannot see the workgroup computer http://support.microsoft.com/kb/947691 If the error persists, please also try obtaining the Certificate again referring to the following documents: Obtaining Certificates for Ops Mgr via Command Line or Script http://blogs.technet.com/b/momteam/archive/2008/06/02/obtaining-certificates-for-ops-mgr.aspx Authentication and Data Encryption for Windows Computers in Operations Manager 2007 http://technet.microsoft.com/en-us/library/bb735408.aspx Using certificates with OpsMgr07 Agents and Workgroup computers http://blogs.technet.com/b/cliveeastwood/archive/2007/05/02/using-certificates-with-opsmgr07-agents-and-workgroup-computers.aspx Hope this helps. Thanks. Nicholas Li - MSFT Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.