Jump to content

Peer Certificate is Invalid after change Agent modification


Recommended Posts

I recently migrated from a local ESET install to ESET Cloud. Everything was fine, all the computers were being updated. I made a change to the agent to lock some of the settings. Now all of my computers are reporting that the Peer Certificate is Invalid. How can I remedy this?

Link to comment
Share on other sites

  • Administrators

Based on the message I would say that the CA certificate is missing on the client. Create a new agent live installer in the ESET PROTECT console and re-deploy it on the client(s).

Link to comment
Share on other sites

Is the "Agent Upgrade" task what I should use to re-deploy? I ask because I did that, but it's not running on the clients.

image.png.df3d7b7860456c58e4964b14f4e1ac2c.png

Link to comment
Share on other sites

  • Administrators

If a client is no longer reporting to the ESET PROTECT server, running tasks from the console won't help. You must re-deploy the agent on affected clients, e.g. via GPO, manually or using the ESET Remote Deployment tool.

Link to comment
Share on other sites

  • ESET Staff

Can you please share the details about how you have migrated from the on premise to cloud? Root cause might be within the migration procedure. Also, did it stop working at the moment of migration, or it was working OK, and afterwards something got broken? My idea would be, that you somehow applied the cert from the on premise server, to your EPC connected agents, so the EPC server will not let them in. But that is just my assumption. 

Link to comment
Share on other sites

I did the migration by following this article:  https://help.eset.com/protect_cloud/en-US/?cloud_migration.html

Everything went fine with the migration for all the local endpoints. I spent the weekend remoting into PC's that are external to our network to manually install the new version. Everything was running fine. I did an edit on the agent to lock the policies (see below) so they couldn't be changed on the workstations. Within seconds, every endpoint that was turned on went red with the Peer Certificate error. As far as I can tell, there is no way to edit or change a certificate anywhere in the agent. Since there is no certificate listed anywhere (and there's only one ESET Management Agent shown), I'm really confused and upset that this simple change created this huge problem. 

image.thumb.png.0e841f9eadf3bdca1eff0c48093bfbca.png

Link to comment
Share on other sites

@MichalJ Is there a way to change the certificate on the "cloud server" to match what's on all these clients?

Edited by LesRMed
Link to comment
Share on other sites

  • ESET Staff

Is there any chance you imported configuration policy for ESET Management Agent from your original on-premise ESET PROTECT to cloud instance? That might be source of this issue, especially in case this imported policy had contained your certificates.

Link to comment
Share on other sites

I did what the instructions told me to do (see below). And since that's the only Management Agent in my cloud console, that's the one I modified. Nowhere in it does it reference any certificates. 

image.thumb.png.6971dc3ba2659dcf68485a0d1dce2b1e.png 

image.png.e3bc8438e5cbf9054fa835a24569d5f5.png

image.png

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...