Linux/Unix Monitoring requires winrm to use basic auth and untrusted self-signed certificates
Basic authentication and untrusted self-signed certificates are big security violations. Untrusted self-signed certificates has an issue with Axway default validation response status settings.
Is there a way for SCOM to perform a scan or discovery to standalone Linux servers without basicauth and self-signed certificates?
SCOM support Kerberos Auth now! @ https://docs.microsoft.com/en-us/system-center/scom/manage-linux-kerberos-auth?view=sc-om-1801. If this is needed for an older version, I think you have to unseal the unix/Linux library management pack to override basic auth with Kerberos authentication.
As for self-signed certificates - no longer an issue. You should be able to replace self-generated certificates with your own internal signed certificates. - https://operatingquadrant.com/2011/11/23/operations-manager-unixlinux-agent-certificates-and-using-a-pki/
Bhupendra Vishram commented
Yes SCOM requires redevelopment to allow Kerberos Authentication in an Enterprise environment. We have this requirement for a massive project to manage Linux Clients which are domain joined. However due to this restriction unable to use SCOM to register Linux clients as it violates Domain policies.
Please release an update to allow for this as per this article