Jump to content

Archived

This topic is now archived and is closed to further replies.

Sista

ESMC 7.1 Certificate problem

Recommended Posts

Hello,

I installed ESET Security Management Console VA, I installed certificate for the https via tomcat with a wildcard certificate and the access via HTTPS is ok.

Now I see a lot of error in the file /var/log/eset/RemoteAdministrator/Agent/trace.log:

2020-04-02 07:04:44 Error: CAgentSecurityModule [Thread 7f99bf9a3700]: Certificated user verification failed with: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension (*.mydomain.it,mydomain.it)
2020-04-02 07:04:49 Error: CAgentSecurityModule [Thread 7f99bf9a3700]: Certificated user verification failed with: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension (*.mydomain.it,mydomain.it)
2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: InitializeConnection: Initiating replication connection to 'host: "127.0.0.1" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "127.0.0.1" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details:
2020-04-02 07:04:49 Warning: CReplicationModule [Thread 7f99bb19a700]: InitializeConnection: Not possible to establish any connection (Attempts: 1)
2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: InitializeFailOverScenario: Skipping fail-over scenario (stored replication link is the same as current)
2020-04-02 07:04:49 Error: CReplicationModule [Thread 7f99bb19a700]: CAgentReplicationManager: Replication finished unsuccessfully with message: InitializeConnection: Initiating replication connection to 'host: "127.0.0.1" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "127.0.0.1" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message:  Connect Failed, and error details: Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: 127.0.0.1:2222, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: 89746cbc-1e23-46dc-a7d6-518526f67358, Sent logs: 0, Cached static objects: 0, Cached static object groups: 0, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]

 

What am I doing wrong?

 

Thank you

Share this post


Link to post
Share on other sites

Problem solved, the first configuration fail in some point, I do a new deployment and all is working.

 

Thank you

 

Share this post


Link to post
Share on other sites
2 hours ago, Sista said:

Problem solved, the first configuration fail in some point, I do a new deployment and all is working.

 

Thank you

 

Problem was, that AGENT was connecting to "127.0.0.1" but ESMC's certificate is signed only for *.mydomain.it, mydomain.it, i.e. all AGENT's has to be configured to connecto to hostname matching regular expression *.mydomain.it.

As it started to work after redeploy, locally installed AGENT is now probably using also fully qualified name of ESMC.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...