SCCM Troubleshooting: OSD Issues - CryptVerifySignature failed [SMSPXE.log]

Error

CryptVerifySignature failed, 80090006 SMSPXE

untrusted certificate: certificate serial number SMSPXE

Failed to get information for MP: http://<PXE FQDN>. 80090006. SMSPXE

This error was due to certificate which has not been validated. Post migrating SCCM roles from virtual box to physical box I was encountering this error.

As a preliminary check, go to the registry of the server which is hosting PXE role.

Registry path needs to checked for "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Security"

Under this path there are some keys which had empty values.

Key Name: SignedSerializedKey , SignedSerializedKeyEx

Background

The values should get created automatically. If the value of the key seems to be empty then it will throw errors in SMSPXE.log

Solution

If there seems the error is still not fixed then, try site reset without changing configuration that will help in regenerating keys which has been missed out during any activity.

P.S: Please don't try this unless you have full admin rights to the environment.