Jump to content

How to detect if an agent has an old certificate?


Recommended Posts

When making a new certificate cause the previous was essentially obsolete we pushed the new one out with many agents coming onboard.

However some weren't onboard when we switched and cause of the current times when many might not be online for quite awhile it's not really working to wait forever.

 

So in order to solve this i am trying to find a way to detect them, and currently the closest thing i have come to is checking the:
"C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html" if it contains "NodVerifyTrustResult: 42"
and if it does just reinstall the agent.

Sadly this doesn't seem to work that well as it can be a delay of the status compared to when the agent is installed (when the script verifies it's  working) and i just can't seem to make it work out.

 

So out of current ideas i am hoping to get some answers here on how to approach this as there might be a much more clean way to tackle this issue that i am unaware of.

Thanks!

Link to comment
Share on other sites

  • 2 weeks later...

You can see that it's old there, thing is i have replace it, but some agents are stuck with the old,
and as that prevents them from connecting in the first place as far as i can tell, there's not much i can see or do in ESMC.

Unless i missed something and there is a way to force the agent to upgrade the certificate even if it the one it has is invalid.

 

Or what could be good is if there was logs that showed invalid connection attempts caused by a bad certificate, cause that could help.

Edited by zerowalker
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...