Joel DeTeves 1 Posted December 8, 2020 Share Posted December 8, 2020 Hello, No matter what it seems I cannot get any of my agents to connect to my ESET Security Management Center server - each time I try to install the agent it results in a connection error in the status log: I have tried generating certificates from the wizard over and over, and no matter which combination of strings I use, it always results in "Certificate common name contains ambiguous or no product string" As you can see from the screenshot, the Common Name contains the Agent string (and each time I have tried I have generated the cert using the wizard in ESMC) - I am at a loss as to why it isn't working. Hoping someone can shed some light on this issue Thank you, Link to comment Share on other sites More sharing options...
Solution Joel DeTeves 1 Posted December 9, 2020 Author Solution Share Posted December 9, 2020 (edited) I managed to resolve this problem. We use a custom Docker images running on a Kubernetes cluster with Traefik ingress controllers (one for the web server and the other one for the server backend component) - it turns out the problem was with Traefik and I needed to use a TCP router for the server component instead of an http one, see https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#kind-ingressroutetcp http router -> web component tcp router -> server component Hope this helps, Edited December 9, 2020 by Joel DeTeves Add missing info Link to comment Share on other sites More sharing options...
ESET Staff MartinK 376 Posted December 9, 2020 ESET Staff Share Posted December 9, 2020 There is one special requirement for ERA/ESMC/PROTECT certificates: CN (CommonName) of certificate for ESMC Server has to contain word "server" and also it cannot contain word "agent" or "proxy". Could you please check that your certificate meets this criteria? Or is this certificate created by management console? IF so, problem might be that hostname (which is also part of CN fields) contains prohibited words. Link to comment Share on other sites More sharing options...
Recommended Posts