Jump to content

Peer certificate is invalid


Recommended Posts

Hi I have about 40 pcs that shows me this error

Peer certificate is invalid

What should I check?

Server:

ESET Security Management Center (Server), Version 7.1 (7.1.503.0)
ESET Security Management Center (Web Console), Version 7.1 (7.1.393.0)

 

Clients:

Agente 6.5.522.0

ERA 7.1.2053.0

Link to post
Share on other sites
  • Administrators

Did you upgrade to ESMC 7.1 from ERA 6.5 or you installed it from scratch without backing up certificates?

Link to post
Share on other sites
Posted (edited)

Hi Marcos, I made that update in July last year and had to update all the clients win7 and XP manually.

At the time create a completely new server from 0.

Edited by sanlucas
Link to post
Share on other sites
  • Administrators

What error is reported in C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html ? Once the agent starts reporting to ESMC. send an ESMC upgrade task to it so that it upgrades to v7.

 

Link to post
Share on other sites
  • ESET Staff

In case clients are still connecting, it probably means that AGENT's are not able to verify their own certificate. This might be caused by fact that they are missing CA certificate that was used to sign this certificate. If this is true, it also means that SERVER's peer certificate is signed by different CA certificate: was there any kind of certificate customization applied? Or ERA/ESMC migration scenarios were used?

Link to post
Share on other sites

Marcos: this is the status.html3

Scope Time Text
Last authentication 2020-Mar-11 11:26:49 Enrollment OK
Last replication 2020-Mar-11 11:26:50 ERROR: InitializeConnection: Initiating replication connection to 'host: "192.168.0.100" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "192.168.0.100" port: 2222 with proxy set as: Proxy: Connection: 192.168.0.54:3128, Credentials: Name: gaston, Password: ******, Enabled:1, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details:
  • Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: 192.168.0.100:2222, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: c9571c4d-bc84-11e9-9313-1a4868efc0ac, Sent logs: 0, Cached static objects: 53, Cached static object groups: 10, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]
  • All replication attempts: 33123
Last successful replication 2020-Mar-09 11:02:49 OK
  • Successful replications: 30217
  • All replication attempts: 30219
  • Connection: 192.168.0.100:2222
  • Scenario: REGULAR
Peer certificate 2020-Mar-11 10:59:49 Error
  • Agent peer certificate with subject 'CN=Agent at *, C=US' issued by 'CN=Server Certification Authority, C=US' with serial number '018437f343bd744248ba7128a7e21ba08501' is invalid now (NodVerifyTrustResult: 42, NVT_NotTrusted, X509ChainStatus: 0x10000, X509CSF_PartialChain)
  • Peer certificate may be valid but can not be verified on this machine
  • Check time validity and presence of issuing certification authority
Product 2020-Feb-17 11:29:38 Product install configuration:
  • Product type: Agent
  • Product version: 7.0.577.0
  • Product locale: en_US
Replication security 2020-Mar-11 11:26:50 OK
  • Remote host: 192.168.0.100
  • Remote product: Server
Link to post
Share on other sites

Hi MartinK, I have not changed any certificate not in clients or servers, I have only run updates for the server through the console

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...