Error: Authenticate: Certificate common name contains ambiguous or no product string

[Joel DeTeves 1]

Hello,

No matter what it seems I cannot get any of my agents to connect to my ESET Security Management Center server - each time I try to install the agent it results in a connection error in the status log:

 

I have tried generating certificates from the wizard over and over, and no matter which combination of strings I use, it always results in "Certificate common name contains ambiguous or no product string"

As you can see from the screenshot, the Common Name contains the Agent string (and each time I have tried I have generated the cert using the wizard in ESMC) - I am at a loss as to why it isn't working.

Hoping someone can shed some light on this issue

Thank you,

[Joel DeTeves 1]

I managed to resolve this problem.

We use a custom Docker images running on a Kubernetes cluster with Traefik ingress controllers (one for the web server and the other one for the server backend component) - it turns out the problem was with Traefik and I needed to use a TCP router for the server component instead of an http one, see https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#kind-ingressroutetcp

http router -> web component

tcp router -> server component

Hope this helps,

Edited December 9, 2020 by Joel DeTeves
Add missing info

[MartinK 376]

There is one special requirement for ERA/ESMC/PROTECT certificates:

• CN (CommonName) of certificate for ESMC Server has to contain word "server" and also it cannot contain word "agent" or "proxy".

Could you please check that your certificate meets this criteria? Or is this certificate created by management console? IF so, problem might be that hostname (which is also part of CN fields) contains prohibited words.