Sista
-
Posts
5 -
Joined
-
Last visited
Posts posted by Sista
-
-
Some update, if I generate a new certificate for Mobile Device Connector and then apply it to the mdm server via Policy I don't see any error in the ESMC but when I connect to https://mdm.xxxxxx.it:9980 I see certificate warning because it was generated from the interal CA and the mbiel phone can connect to ESMC.
If I try to use a valid certificate from public CA in the Policy it doesn't apply with the error:
MDM policy contains invalid https certificate. The old certificate is still being used
Some one can explain me?
Thank you
Andrea
-
Hello,
i have an ESMC VA ver 7.1 with 3rd HTTPS certificate and all is working perfectly.
Now I installed a MDM Connector VA latest version and I use the same 3rd HTTPS certificate in the setup screen, and if I reach https://mdm.xxxx.it:9980 the certificate is ok.
The problem is that I see and alert for the MDM VA says:
HTTPS certificate chain is incomplete. Enrollment is not allowed
But the chain is complete.
Please were I was wrong?
Thank you
Andrea -
Problem solved, the first configuration fail in some point, I do a new deployment and all is working.
Thank you
-
Hello,
I installed ESET Security Management Console VA, I installed certificate for the https via tomcat with a wildcard certificate and the access via HTTPS is ok.
Now I see a lot of error in the file /var/log/eset/RemoteAdministrator/Agent/trace.log:
2020-04-02 07:04:44 Error: CAgentSecurityModule [Thread 7f99bf9a3700]: Certificated user verification failed with: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension (*.mydomain.it,mydomain.it) 2020-04-02 07:04:49 Error: CAgentSecurityModule [Thread 7f99bf9a3700]: Certificated user verification failed with: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension (*.mydomain.it,mydomain.it) 2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: InitializeConnection: Initiating replication connection to 'host: "127.0.0.1" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "127.0.0.1" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details: 2020-04-02 07:04:49 Warning: CReplicationModule [Thread 7f99bb19a700]: InitializeConnection: Not possible to establish any connection (Attempts: 1) 2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: InitializeFailOverScenario: Skipping fail-over scenario (stored replication link is the same as current) 2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: CAgentReplicationManager: Replication finished unsuccessfully with message: InitializeConnection: Initiating replication connection to 'host: "127.0.0.1" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "127.0.0.1" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details: Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: 127.0.0.1:2222, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: 89746cbc-1e23-46dc-a7d6-518526f67358, Sent logs: 0, Cached static objects: 0, Cached static object groups: 0, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]
What am I doing wrong?
Thank you
Error: HTTPS certificate chain is incomplete. Enrollment is not allowed
in ESET Products for Mobile Devices
Posted
Hello Mirek,
I tried to upload the complete pfx, but the problem was that the file have some kinds of problem, I recreate a new pfx with all the three certificate and now the warning is gone.
Now I can connect to https://mdm.xxxx.it:9980 with not problem and I have enroll my first mobile device.
Thank you
Andrea