Policies are not being delivered to agents

Issue

When you install agents there are no policies residing on or being delivered to the agents. When you check the agent logs, you see the following log message:

Client item f0d0abc9-6858-45a8-9eee-0cff0590eac1 is signed and failed the signature check.

Additional information

The agents received a client item that was not signed by the current certificate being used for the HTTPS binding.

Solution

Run the following SQL:

Delete From [Ams].ClientItemCache

After the cache is rebuilt you will be able to successfully download policies and other client items.