Windows patch analysis job failing with error 0x800710dd while initializing the scanner

BMC Software is alerting users to a problem in the following product versions:

Product	TrueSight Server Automation, version 20.x, 21.x, 22.x, 23.1
Date	2023/04/29 00:00

If you have any questions about this issue, contact Customer Support.

Issue

A Windows Patch Analysis Job might fail with the following error on Microsoft Windows servers:

STDERR: Error: Encountered error 0x800710dd initializing scanner - The operation identifier is not valid.Possible cause is:
Signature verification certificates may not have been installed on this server. Re-run the patching job in debug mode and
check log file AnalysisTrace.log for further details. Error: Unable to initialize analysis engine.Error: Analysis failed.
Info Analyzer execution complete on server: <target> , exitCode: -3

A Snapshot Job might fail with the following error on Windows servers:

Snapshot of target part 'HotFixes' of asset class type 'Windows Hotfix List' failed on target 'xxxxx':
Error executing Analyzer: ExitCode = -3 on the host 'xxxxx':
Error: Encountered error 0x800710dd initializing scanner - The operation identifier is not valid..

Cause

The Certificate Authority used by Ivanti to sign Windows patch metadata changed in April 2023. As a result, without the DigiCert Trusted Root GA and DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 certificates on the target servers, the metadata cannot be validated during patch analysis on the target servers.

Resolution

Download and deploy the Compliance template that automatically detects and resolves this issue.

Download link	File Name
KB article	WinPatchCerts_Solution_Apr12_2023.zip

To apply the hotfix

Import and deploy the template according to the instructions provided in the readme.txt file, available in the zip file that you have downloaded.

Note

If the issue persists after deploying the template, run the Patch Catalog Update and the Patch Analysis jobs again.