Agent lost connection with EP Cloud

[Andrei_Sv 0]

Hello,

We migrated from a EP server we have in our network to EP Cloud not log ago. 

The problem is  that the during the migration we imported the agent policy.

Now, when I installed ESET on my PC, I see in my status.html that Era.Common.Services.Replication.CheckReplicationConsistencyRequest points to the old server

 

Is there a way to remove the bad certificate from the new EP Cloud?

I tried to download the certificate from the cloud and put it on the local server, but I cannot visualise or export my certificates.

 

Do you  have any ideea about how can we fix this problem?

 

Thank you for your help,

 

Andrei

[Marcos 4,705]

Please create an agent installer in ESET PROTECT CLOUD and re-deploy it on clients:

[Andrei_Sv 0]

I created and deployed at least 10 installers, and at every install I changed a setting in order to find the problem.

My agent still looses imediatly the connection with the Cloud EP. But the Eset Endpoint Security seems to be well connected.

I will join a status.html file from one of my PCs, hopefully this will help.

 

[Marcos 4,705]

There was a temporary problem with EPC yesterday which might have affected your EPC instance too. Has the issue been resolved? All cloud systems are currently operational as per https://status.eset.com/.

[Andrei_Sv 0]

Thanks Marcos for your answer, but my problem presists. 

on the peer certificate I have :

 

"    Agent peer certificate with subject --------------------------------- is signed with obsolete signature algorithm and it is invalid now (NodVerifyTrustResult: 42, NVT_NotTrusted, X509ChainStatus: 0x10000, X509CSF_PartialChain)
    Peer certificate may be valid but can not be verified on this machine
    Check time validity, revocation and presence of issuing certification authority"

The certificate I see in this log (in the Peer certificate section) is the old certificate used on the local eset EP, before we migrated on the cloud.

In the replication security, wich is marked in green, the certificate looks like an eset generated certificate "Remote certificate: Subject='CN=*.a.ecaserver.eset.com', Issuer='C=US, O=DigiCert Inc, OU=www.digicert.com"

Do you know how can I find and remove the bag certificate on the EPC and assign the correct Eset certificate to my agent?

 

Thank you for your help,

 

Andrei

 

[Marcos 4,705]

You are right about the peer agent certificate, it should look like this:

Did you uninstall the agent prior to installing the one generated by ESET PROTECT Cloud or you installed it on top of the previously installed agent?

[Andrei_Sv 0]

The Pc where I got the status.html file is a brand new PC. I just installed Windows on it, it never knew the old eset agent.

My peer certificate looks like : 

    Agent peer certificate with subject 'CN=Agent at *, O=, L=-, S=, C=' issued by 'CN=Autorité de certification de serveur, O=.fr, L=-, S=, C=' with serial number '0106da5451d495444b807c80b602231cefb67601' is signed with obsolete signature algorithm and it is invalid now (NodVerifyTrustResult: 42, NVT_NotTrusted, X509ChainStatus: 0x10000, X509CSF_PartialChain)
    Peer certificate may be valid but can not be verified on this machine
    Check time validity, revocation and presence of issuing certification authority 

[Marcos 4,705]

Please do the following:
- uninstall the agent to make sure there is no incorrect policy enforcing the peer agent certificate used
- use the download link provided by ESET PROTECT Cloud to download and install the agent from scratch: