Jump to content

skello

Members
  • Posts

    14
  • Joined

About skello

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    USA

Recent Profile Visitors

661 profile views
  1. Description: When running the uninstallation task there is an option for "Uninstallation parameters" Detail: Can we please change the "Uninstallation parameters" line when running an uninstall from the protect server to "Uninstallation Password" since the only "Uninstallation parameters" are "PASSWORD=", at least from what Sue E. has confirmed for me through support chat.
  2. She gave me a link to the wrong product, please ignore moving to the on-prem product.
  3. Solved!! Not entirely sure what I did differently but I simply recreated a new policy, making sure to select EXACTLY the same settings that I did the 12 previous times. This time it just worked. It's possible that it's working because of the newest updated agent and this cleared some kind of cache? However I do notice on the agents that I have now installed with active working reports that they have a new folder for the cert.
  4. Sorry for my lack of response on this topic or reply to your PM's Mato, have had a few projects spring up and unable to focus the time on this one. Will be circling back very soon as I this is going to be my next project to complete.
  5. Do you have any other policies that are overwriting this one? Hit that lightning bolt and force this policy.
  6. Ahhh I had a feeling that would be a bit confusing, I was going to change that. No, it's two agents connecting to 1 EEI server that are displaying this error.
  7. Generally you have a default policy for your organization, then you customize an additional policy per site/location that appends the default policy. Hope this was the info you were looking for.
  8. Two EI agents in one location, I have one agent that is communicating correctly and another agent that is displaying "Missing or invalid SSL certificate or certificate authority" they are in the same network, same everything. I used the same installer yet this error will not go away. Anyone have any suggestions on next steps? I've tried re-creating the SSL but no luck. Both used same method of installation from ESMC Protect console. Excerpt from logs on agent with no errors: 2022-02-14 10:43:39 00290 Info: Events sent successfully to ***.*******.****.com:8093. Server responded with 200 status code in 0s054ms. 2022-02-14 10:44:19 00e3c Info: Received (Agent.ServerAddress:***.*******.****.com) from ESMC 2022-02-14 10:44:19 00e3c Info: Received (Agent.ServerDataPort:8093) from ESMC 2022-02-14 10:44:19 00e3c Error: Failed creating certificate authority file: *.***.*******.com 2022-02-14 10:44:19 00e3c Info: Unable to apply part of configuration policy 2022-02-14 10:44:19 01d50 Info: Enabled additional hashes for: SHA2_256 2022-02-14 10:44:19 01c84 Error: Error while sending control request to server at "***.*******.****.com:8093". read: A blocking operation was interrupted by a call to WSACancelBlockingCall [system:10004] 2022-02-14 10:50:34 01278 Info: Events Statistics, From:, 2022-02-14 10:43:34, To:, 2022-02-14 10:50:33, Duration (s):, 419, Events Per Second:, 5.578, Events:, 2337, File:, 190, Registry:, 512, TcpIp:, 0, Http:, 0, Dns:, 0, Process:, 310, Injections:, 0, Dll:, 58, Traffic:, 0, Info:, 1, Metadata:, 63, Livegrid:, 63, OriginUrl:, 0, Alarms:, 0, UserActivity:, 738, Wmi:, 388, Scripts:, 0, ExeDrops:, 0, OpenProcess:, 14, TrafficSize:, 0, TrafficInterval:, 0, Executions:, 0, Subprocesses:, 0, Connections:, 0, Batch Size (bytes):, 153907 2022-02-14 10:50:35 00290 Info: Events sent successfully to ***.*******.****.com:8093. Server responded with 200 status code in 0s056ms. Excerpt from logs on agent with errors: 2022-02-14 12:58:34 01130 Info: EI and Endpoint integration has been successfully enabled 2022-02-14 12:58:35 01310 Info: Received (Agent.ServerAddress:***.*******.****.com) from ESMC 2022-02-14 12:58:35 01310 Info: Received (Agent.ServerDataPort:8093) from ESMC 2022-02-14 12:58:35 01310 Error: Failed creating certificate authority file: *.***.*******.com 2022-02-14 12:58:35 01310 Info: Unable to apply part of configuration policy 2022-02-14 12:58:35 01130 Info: Certification authorities found in CA store: 2022-02-14 12:58:35 0123c Info: Enabled additional hashes for: SHA2_256 2022-02-14 12:58:35 01130 Info: EIAgentSvc has started 2022-02-14 12:58:35 01b88 Error: Error while sending control request to server at "***.*******.****.com:8093". certificate verify failed (SSL routines, tls_process_server_certificate) [asio.ssl:337047686] 2022-02-14 12:58:35 01bfc Error: Error while sending request to server at "***.*******.****.com:8093". certificate verify failed (SSL routines, tls_process_server_certificate)
  9. Works just fine after reinstall. Not sure what broke, what caused this to get blocked but other browsers worked fine. Anyone else having this issue as well?
  10. Have one device that has chrome blocked entirely. Disable firewall works fine. There were no rules, nothing added special to this device. I reset device back to default and still wouldn't allow chrome access. Just uninstalled ESET 8.1.2031.0 from the device, tried to access chrome and no issues. Going to reinstall 8.1.2031.0 and test from same device. Users do not have access to add in rules so this wouldn't have been added by the user. Any insight from others? Also, this is being typed in Chrome from a device in the same group, same policy setup and everything as the device that was being blocked.
  11. This has been going on for about 3 months for my company. We have to make sure we disable the ESET plugin to stop this from happening. We still haven't found a fix.
×
×
  • Create New...