CraigB 1 Posted July 11, 2017 Share Posted July 11, 2017 (edited) I am in the process of setting up a new remote administrator server. I currently have a linux server hosting version 6.4 of the Remote Administrator, but have had endless issues trying to upgrade it to 6.5 so I am setting up an Azure VM to host the windows version of Remote Administrator. I am aware that I cannot copy the database over directly, so I am attempting to replicate most of my setup manually. I have setup a certification authority. It is present, and the only one available. I have setup an agent and server ceriticate linked to the authority. At first I tried setting these up with the IP and FQDN of the server (I have done this on our current RA and it works). The certs all create and show as valid, but when I try and create an agent installer with the agent certificate I have created, I get an error message: Failed to get installers: Specified certification authority certificate was not found . I then created new certificates with the host *. These also do not allow me to create installers. I have seen a note on the ESET docs that some firewalls might block addresses in Slovakia, so I gave setup the US repository, and also tested a connection with the URL provided and I was able to connect to both the US and Slovakia repositories just fine. I've attached screenshots of my certification authorities and peer certificates. Can anyone suggest what might be missing? Edited July 11, 2017 by CraigB fixing error message text Link to comment Share on other sites More sharing options...
ESET Staff janoo 11 Posted July 12, 2017 ESET Staff Share Posted July 12, 2017 Hi CraigB, one thing is strange to me, why you had to setup a new CA & certificates? There were any in the Azure VM? Because during the installation, those should be created automatically. Link to comment Share on other sites More sharing options...
ESET Staff MartinK 381 Posted July 12, 2017 ESET Staff Share Posted July 12, 2017 When creating installer, it is required to include CA certificate of currently used SERVER certificate - seems that this fails in your environment. During this operation, SERVER certificate that is currently used is loaded from SERVER settings and appropriate CA certificate is searched. I would recommend to check what certificate you are actually using - as list you provided (peer certificates) is not used during installer creation -> there may be completelly different certificate used in SERVER settings, especially in case you generated multiple SERVER certificates. Also ERA 6.5 changed security model -> in case you are using non-Administrator account in ERA, please check whether user has "read" and "use" access right for CA certificates and "read" access rights for SERVER settings. Link to comment Share on other sites More sharing options...
CraigB 1 Posted July 12, 2017 Author Share Posted July 12, 2017 Thanks MartinK The setting for the certificate in use by the server was exactly what was wrong. I updated the server certificate to the one I just created. Restarted the Remote Administrator Server service on the VM and logged in again. I can now create installers with the agent certificate required. Janoo - I wanted to create my own certs because the default certs are too open, I want to limit my certificates to the static IP and hostname of my server. Link to comment Share on other sites More sharing options...
.thumb.jpg.d0dae4df7d520793aba4b217c88691a6.jpg)
Recommended Posts