Jump to content

Replace Expired Certificate


Edgar Dang
 Share

Recommended Posts

On my ERA Server, Certificate is expired and then i create new certificate but I don't know how to apply new certificate to client from server?

I have tried Policy but it did'nt apply policy to client (computer) because certificate is expried.

Thanks

Link to comment
Share on other sites

  • Administrators

Generate a new peer certificate and create a new agent policy in which you will pick the new certificate. Alternatively you can re-deploy agent while using the new peer certificate.

Link to comment
Share on other sites

  • Administrators

You can just create an agent policy with the new peer certifacate which is easier than re-deploying the agent.

Link to comment
Share on other sites

  • ESET Staff

If the certificate is already expired, agents won’t connect to get a new policy. As of now, the only solution is redeployment of the agents that were using the currently invalid certificate.

Link to comment
Share on other sites

So i solved this problems with download agent .msi and file .ini (created by web console) then i will use GPO of windows server to deploy. But i will try it on tomorow, when i work back. Thanks ^^

8 minutes ago, MichalJ said:

If the certificate is already expired, agents won’t connect to get a new policy. As of now, the only solution is redeployment of the agents that were using the currently invalid certificate.

 

Link to comment
Share on other sites

Hi MichalJI have tried using GPO to deploy Agent but I have new problems:

- If I want re-deploy I must uninstall remote administrator agent first, then i re-install, but i don't have permission to uninstall (I tried run as domain admin, local admin). Could you please help me how to uninstall already existed remote administrator agent? Thanks

Link to comment
Share on other sites

It show that, but if i use all in one tool, I can remove agent,

can you explain me how to redeploy agent, at company have a lot of agent client and I want to i can re-deploy for all client from my DC (server),

Thanks

eset1.PNG

Link to comment
Share on other sites

  • ESET Staff

What you actually have to do is to "repair" installed AGENT. For this purpose, you can use multiple deployment methods, as if you are deploying AGENT to new machines. For example Remote deployment from ERA is possible. It is also possible to use Live and all in one installers. It is also possible to repair installation manually using MSI installer wizard, but that might not be very practical for larger deployments.

From screenshot you provided it seems you do not have permissions to install AGENT ... are you using domain administrator account for this purpose?

Link to comment
Share on other sites

Yeah, i have tried run as domain admin and local admin.

With All in one ERA tool, I must go to each client to run tool to deploy (It not easy, more than 150 client). And this case I want to re-deploy on client which have already exited ERA agent and expired cert -_-

Link to comment
Share on other sites

On 6/13/2018 at 8:32 PM, MichalJ said:

If the certificate is already expired, agents won’t connect to get a new policy. As of now, the only solution is redeployment of the agents that were using the currently invalid certificate.

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...