BlackPanther 0 Posted October 9, 2020 Share Posted October 9, 2020 Hi All, Can anyone help me out i have a domain environment and eset endpoint installed on all computers and i am managing all of it through Eset SMC(Security Management Center). the issue i am facing is currently right now is that the status of computers are not updating in SMC. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,909 Posted October 9, 2020 Administrators Share Posted October 9, 2020 Please check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html and trace.log for possible errors on one of the troublesome clients. Link to comment Share on other sites More sharing options...
BlackPanther 0 Posted October 9, 2020 Author Share Posted October 9, 2020 Hi - Marcos, Thanks for the reply attached is the log report. Link to comment Share on other sites More sharing options...
BlackPanther 0 Posted October 9, 2020 Author Share Posted October 9, 2020 Here is the log file. 2020-10-08 05:34:41 Error: CAgentSecurityModule [Thread 43c]: Certificated user verification failed with: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension (eset.abc.local) 2020-10-08 05:34:41 Error: AuthenticationModule [Thread 1ea4]: DeviceEnrollmentCommand execution failed with: Request: Era.Common.Services.Authentication. RPCEnrollmentRequest on connection: host: "x.y,z" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details: 2020-10-08 05:34:41 Warning: CReplicationModule [Thread 139c]: GetAuthenticationSessionToken: Received failure status response: TEMPORARILY_UNAVAILABLE (Error description: session token temporarily unavailable, device is not enrolled yet) 2020-10-08 05:34:41 Error: CReplicationModule [Thread 139c]: InitializeConnection: Initiating replication connection to 'host: " x.y,z " port: 2222' failed with: GetAuthenticationSessionToken: Failed to fetch device session token in time Link to comment Share on other sites More sharing options...
Administrators Marcos 4,909 Posted October 9, 2020 Administrators Share Posted October 9, 2020 Please check certificate details: Hostname does not match any supported record in certificate SubjectAltName extension (eset.abc.local) I assume that you entered eset.abc.local as the host and this hostname is not accessible from the client. You can create a new agent certificate with an asterisk in the host field and reinstall agent (manually via a server-assisted installation or by exporting a new agent live installer): Link to comment Share on other sites More sharing options...
BlackPanther 0 Posted October 12, 2020 Author Share Posted October 12, 2020 still no luck with this also. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,909 Posted October 12, 2020 Administrators Share Posted October 12, 2020 Please post the current status.html from the client to see what has changed. Link to comment Share on other sites More sharing options...
BlackPanther 0 Posted October 12, 2020 Author Share Posted October 12, 2020 PFA Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 4,909 Posted October 12, 2020 Administrators Solution Share Posted October 12, 2020 Peer certificate may be valid but cannot be verified on this machine. Have you recently changed the CA certificate? Does any of the machines still report to the ESMC alright? If no machine is able to connect, I'd recommend: 1, generating new peer certificates 2, generating a fresh live agent installers and deploying it on the clients (you can install agent manually on one machine and use server-assisted installation to see if the issue goes away then) Link to comment Share on other sites More sharing options...
ESET Staff MartinK 376 Posted October 12, 2020 ESET Staff Share Posted October 12, 2020 (edited) In this case, most relevant error seems to be the last one: Quote Hostname does not match any supported record in certificate SubjectAltName which is reaso why AGENT is rejecting SERVER's certificate. Problem is that AGENT is trying to connect to hostname that is not "signed" in SERVER's certificate. Other errors indicate also that there is missing CA certificate for AGENT's certificate itself, but that is not fatal problem. Solution would be to create new ESMC peer certificate, that signs all used hostnames/IP addresses, and is signed by CA certificate trusted by AGENTs. Once properly set in ESMC's configuration, AGENTs should start to connect. Edited October 12, 2020 by MartinK Link to comment Share on other sites More sharing options...
BlackPanther 0 Posted October 15, 2020 Author Share Posted October 15, 2020 Thanks Marcos and MartinK issue has been resolved. Link to comment Share on other sites More sharing options...
Recommended Posts