Issue:
After migrating to a new management point, many clients were not checking into the management point. When reviewing the Devices under Assets and Compliance, many clients were showing offline even though they were actually online and responded to ping from the server.
Reviewing the logs on the client machines, the CCM Notification log CCMNotificationAgent.log showed:
Server Certificate Retrieved in TLS is Not an Exact Match of the Current MP Encryption Certificate 0x80004005
Reviewing logs on the management point server, the BGB Server Log bgbserver.log showed:
Expecting More Data From Client
and
Can't Finish Connecting With Client, Which Might Have Already Disconnect System.IO.IOException: Authentication Failed Because the Remote Party Has Closed the Transport System
Reviewing the Configuration Manager Console, under Administration - Hierarchy Configuration - Active Directory Forests:
Publishing Status showed Authentication Failure.
Reviewed the properties of the Domain Forest, and Use Computer Account of Site Server was checked.
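To check how widespread these log symptoms are across clients and the management point, the following added example (not part of the original post) parses CMTrace-format log text and reports entries matching the three messages quoted above. The function name Find-MpCertSymptom is hypothetical, the sample entries are constructed, and the script assumes the logs use the standard CMTrace entry layout.

```powershell
# Signatures are the messages quoted in this post; -match is case-insensitive.
$Signatures = [ordered]@{
    'MP certificate mismatch (client log)' = 'Server certificate retrieved in TLS is not an exact match of the current MP encryption certificate'
    'BGB expecting more data (MP log)'     = 'Expecting more data from client'
    'BGB connection not finished (MP log)' = "Can't finish connecting with client"
}

# CMTrace entry: <![LOG[message]LOG]!><time="..." date="..." component="..." ...>
$EntryPattern = '(?s)<!\[LOG\[(?<msg>.*?)\]LOG\]!><time="(?<time>[^"]+)"\s+date="(?<date>[^"]+)"\s+component="(?<comp>[^"]*)"'

function Find-MpCertSymptom {
    param([Parameter(Mandatory)][string]$LogText)
    foreach ($m in [regex]::Matches($LogText, $EntryPattern)) {
        $msg = $m.Groups['msg'].Value
        foreach ($name in $Signatures.Keys) {
            # Escape the signature so it is matched as literal text, not as a regex.
            if ($msg -match [regex]::Escape($Signatures[$name])) {
                [pscustomobject]@{
                    Date      = $m.Groups['date'].Value
                    Time      = $m.Groups['time'].Value
                    Component = $m.Groups['comp'].Value
                    Symptom   = $name
                }
            }
        }
    }
}

# Constructed sample entries (timestamps, components, threads and files are made up).
$Sample = @'
<![LOG[Server Certificate Retrieved in TLS is Not an Exact Match of the Current MP Encryption Certificate 0x80004005]LOG]!><time="09:14:02.113+300" date="01-15-2020" component="BgbAgent" context="" type="3" thread="4512" file="sample.cpp:1">
<![LOG[Wait 60 seconds to reconnect]LOG]!><time="09:14:02.120+300" date="01-15-2020" component="BgbAgent" context="" type="1" thread="4512" file="sample.cpp:2">
<![LOG[Expecting More Data From Client]LOG]!><time="09:14:02.500+300" date="01-15-2020" component="SMS_NOTIFICATION_SERVER" context="" type="2" thread="2208" file="sample.cpp:3">
<![LOG[Can't Finish Connecting With Client, Which Might Have Already Disconnect System.IO.IOException: Authentication Failed Because the Remote Party Has Closed the Transport System]LOG]!><time="09:14:02.610+300" date="01-15-2020" component="SMS_NOTIFICATION_SERVER" context="" type="3" thread="2208" file="sample.cpp:4">
'@

# Count each symptom; for a real log pass (Get-Content -Raw <path-to-log>) instead.
Find-MpCertSymptom -LogText $Sample | Group-Object Symptom | Select-Object Count, Name
```

A client that logs the certificate mismatch at about the same time the management point logs the two BGB messages matches the pattern described in this post.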
Resolution:
This article was helpful in resolving the issue: http://eskonr.com/2019/12/client-assignment-failed-from-http-to-https-with-error-code-failed-to-verify-message-could-not-retrieve-certificate-from-mpcert/