Jump to content

Recommended Posts

Posted

Our server with ESET PROTECT has crashed and we weren't able to recover it. Unfortunately we didn't have certificates backed up. We have setup a new server but obviously agents aren't connecting. Is there a way to change certificates on all agents without walking up to each computer individually and going through the installer steps? Is it in a file somewhere that we could change with Powershell?

  • Administrators
Posted

You'll need to generate a new live Agent installer and re-deploy it on clients.

Posted
8 minutes ago, Marcos said:

You'll need to generate a new live Agent installer and re-deploy it on clients.

Generating an Agent Live installer generates a .bat file. What should we do with it? Can we not just deploy an .msi through GPO instead?

  • ESET Staff
Posted

In order to recover connectivity of already installed clients, it would require you to restore ESET PROTECT certificate and respective CA certificate - where both of them are store in PROTECT's database - so it depends on what means "crashed" .

Alternative, but more complicated solution is to re-deploy or use installation repair of AGENTs with new parameters, i.e. reinstall or modify existing AGENTs with newly created certificates. For this purpose, any deployment method can be used, so also GPO "script", etc.

Posted
20 minutes ago, MartinK said:

In order to recover connectivity of already installed clients, it would require you to restore ESET PROTECT certificate and respective CA certificate - where both of them are store in PROTECT's database - so it depends on what means "crashed" .

RAID where our instance of ESET PROTECT was is unrecoverable.

Anyway, it seems I have found a .bat file that I exported from the server before it crashed. Does it contain the certificates? Is it possible to restore the connection without reinstalling the agents if I have this file?

  • ESET Staff
Posted
On 11/15/2021 at 3:05 PM, Arekn said:

RAID where our instance of ESET PROTECT was is unrecoverable.

Anyway, it seems I have found a .bat file that I exported from the server before it crashed. Does it contain the certificates? Is it possible to restore the connection without reinstalling the agents if I have this file?

Unfortunately that is not enough as installers do contain only CA certificate and certificate for AGENTs, but for restoring connectivity, it is crucial to get certificate for ESET PROTECT Server, which is much more "sensitive" and it is normally stored only in it's database, especially public part that is required in this case - in other words, this certificate can be recovered only from database or manual export. This is due to security reasons, as leak of such certificate would enable possible "attacker" to get hold of the managed devices...

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...