Edgar Dang 0 Posted June 13, 2018 Share Posted June 13, 2018 On my ERA Server, Certificate is expired and then i create new certificate but I don't know how to apply new certificate to client from server? I have tried Policy but it did'nt apply policy to client (computer) because certificate is expried. Thanks Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 13, 2018 Author Share Posted June 13, 2018 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted June 13, 2018 Administrators Share Posted June 13, 2018 Generate a new peer certificate and create a new agent policy in which you will pick the new certificate. Alternatively you can re-deploy agent while using the new peer certificate. Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 13, 2018 Author Share Posted June 13, 2018 Hi Marcos, your mean is re-deploy on client computer? So I want to deploy to all computer from server (web console), can I do it? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted June 13, 2018 Administrators Share Posted June 13, 2018 You can just create an agent policy with the new peer certifacate which is easier than re-deploying the agent. Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 13, 2018 Author Share Posted June 13, 2018 I got it. Thanks for your support, Edgar. Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted June 13, 2018 ESET Staff Share Posted June 13, 2018 If the certificate is already expired, agents won’t connect to get a new policy. As of now, the only solution is redeployment of the agents that were using the currently invalid certificate. Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 13, 2018 Author Share Posted June 13, 2018 So i solved this problems with download agent .msi and file .ini (created by web console) then i will use GPO of windows server to deploy. But i will try it on tomorow, when i work back. Thanks ^^ 8 minutes ago, MichalJ said: If the certificate is already expired, agents won’t connect to get a new policy. As of now, the only solution is redeployment of the agents that were using the currently invalid certificate. Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 14, 2018 Author Share Posted June 14, 2018 Hi MichalJ, I have tried using GPO to deploy Agent but I have new problems: - If I want re-deploy I must uninstall remote administrator agent first, then i re-install, but i don't have permission to uninstall (I tried run as domain admin, local admin). Could you please help me how to uninstall already existed remote administrator agent? Thanks Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 14, 2018 Author Share Posted June 14, 2018 It show that, but if i use all in one tool, I can remove agent, can you explain me how to redeploy agent, at company have a lot of agent client and I want to i can re-deploy for all client from my DC (server), Thanks Link to comment Share on other sites More sharing options...
ESET Staff MartinK 383 Posted June 14, 2018 ESET Staff Share Posted June 14, 2018 What you actually have to do is to "repair" installed AGENT. For this purpose, you can use multiple deployment methods, as if you are deploying AGENT to new machines. For example Remote deployment from ERA is possible. It is also possible to use Live and all in one installers. It is also possible to repair installation manually using MSI installer wizard, but that might not be very practical for larger deployments. From screenshot you provided it seems you do not have permissions to install AGENT ... are you using domain administrator account for this purpose? Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 15, 2018 Author Share Posted June 15, 2018 Yeah, i have tried run as domain admin and local admin. With All in one ERA tool, I must go to each client to run tool to deploy (It not easy, more than 150 client). And this case I want to re-deploy on client which have already exited ERA agent and expired cert Link to comment Share on other sites More sharing options...
Edgar Dang 0 Posted June 15, 2018 Author Share Posted June 15, 2018 On 6/13/2018 at 8:32 PM, MichalJ said: If the certificate is already expired, agents won’t connect to get a new policy. As of now, the only solution is redeployment of the agents that were using the currently invalid certificate. Link to comment Share on other sites More sharing options...
Recommended Posts