Jump to content

ESMC 7.1 Certificate problem


Recommended Posts

Hello,

I installed ESET Security Management Console VA, I installed certificate for the https via tomcat with a wildcard certificate and the access via HTTPS is ok.

Now I see a lot of error in the file /var/log/eset/RemoteAdministrator/Agent/trace.log:

2020-04-02 07:04:44 Error: CAgentSecurityModule [Thread 7f99bf9a3700]: Certificated user verification failed with: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension (*.mydomain.it,mydomain.it)
2020-04-02 07:04:49 Error: CAgentSecurityModule [Thread 7f99bf9a3700]: Certificated user verification failed with: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension (*.mydomain.it,mydomain.it)
2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: InitializeConnection: Initiating replication connection to 'host: "127.0.0.1" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "127.0.0.1" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details:
2020-04-02 07:04:49 Warning: CReplicationModule [Thread 7f99bb19a700]: InitializeConnection: Not possible to establish any connection (Attempts: 1)
2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: InitializeFailOverScenario: Skipping fail-over scenario (stored replication link is the same as current)
2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: CAgentReplicationManager: Replication finished unsuccessfully with message: InitializeConnection: Initiating replication connection to 'host: "127.0.0.1" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "127.0.0.1" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message:  Connect Failed, and error details: Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: 127.0.0.1:2222, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: 89746cbc-1e23-46dc-a7d6-518526f67358, Sent logs: 0, Cached static objects: 0, Cached static object groups: 0, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]

 

What am I doing wrong?

 

Thank you

Link to post
Share on other sites

Problem solved, the first configuration fail in some point, I do a new deployment and all is working.

 

Thank you

 

Link to post
Share on other sites
  • ESET Staff
2 hours ago, Sista said:

Problem solved, the first configuration fail in some point, I do a new deployment and all is working.

 

Thank you

 

Problem was, that AGENT was connecting to "127.0.0.1" but ESMC's certificate is signed only for *.mydomain.it, mydomain.it, i.e. all AGENT's has to be configured to connecto to hostname matching regular expression *.mydomain.it.

As it started to work after redeploy, locally installed AGENT is now probably using also fully qualified name of ESMC.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...