From past few weeks I have been working on implementing PKI for SCCM. I was testing the PKI on a smaller set of computers within a domain. Post this testing I reverted all the settings back to how it was. Few days later we encountered an issue with the SCCM reporting services. I am not saying this issue came up due to PKI testing, but it my case it seemed like that. So we faced an error with SCCM Reporting Services The underlying connection was closed An unexpected error occurred on a send. After seeing this error, I reinstalled SQL Reporting Services for SCCM 2012 R2, but that did not fix this issue. If you are facing the same issue in your organization, this post should help you to resolve it.
Looking at my component status messages for the SMS_SRS_REPORTING_POINT component, I was also seeing many Message ID 7403 – “The report server service is not running on Reporting Service Point Server start the service to enable reporting”. I verified the reporting service was running fine.
SCCM Reporting Services The underlying connection was closed
After doing some research, I found that there are some methods in the reporting services web services API that are inherently secure methods and if SSL is configured on a report server instance these methods cannot be invoked via http and require https connections.
Workaround: Unfortunately there is no easy workaround for this other than to not use SSL enabled report server instances. However there is a configuration setting that can be tweaked to get around this problem but it is not recommended to tweak this setting if the report server instance is hosting other reports (not specific to Configuration Manager).
Open the rsreportserver.config file using notepad. The default location for the default instance is under [SystemDrive] > Program Files > Microsoft SQL Server > MSRS11.MSSQLSERVER > Reporting Services > ReportServer. Search for the property “SecureConnectionLevel”. Change this value to 0 and save the rsreportserver.config file.
Modify the line that begins with <Add key=”SecureConnectionLevel” Value=”2”/> to <Add key=”SecureConnectionLevel” Value=”0”/>
Here is what the values mean:
Level 3 (Most secure) – Use SSL for everything.
Level 2 (Secure) – Use SSL for rendering and methods that pass credentials but don’t insist on it for all SOAP calls.
Level 1 (Basic Security) – Accepts HTTP but rejects any calls that might be involved in the passing of credentials.
Level 0 (Least Secure) – Secure connections are not required but can be used.
After changing the SecureConnectionLevel value to 0, I restarted the SQL Reporting Services service for the MSSQLSERVER instance and the reports were accessible. I hope this post helps you.