Can noht install / connect a linux agent to ESET Protect docker image.

[abyss02 0]

Hi,

i deployed ESET Protect docker image with the official docker-compose.yml found at hub.docker.com:

 

version: '3'

services:
    mysql:
        image: mysql:8.0.17
        command: |
            --default-authentication-plugin=mysql_native_password
            --innodb-log-file-size=100M
            --innodb-log-files-in-group=2
            --max-allowed-packet=30M
            --bind-address=*
            --log_bin_trust_function_creators=1
        restart: unless-stopped
        environment:
            - MYSQL_ROOT_USER=root
            - MYSQL_ROOT_PASSWORD=eraadmin
        volumes:
            - mysql:/var/lib/mysql

    eset-protect-server:
        image: esetnederland/eset-protect-server
        depends_on: 
            - mysql
        restart: unless-stopped
        environment:
            - DB_ADMIN_USERNAME=root
            - DB_ADMIN_PASSWORD=eraadmin
        volumes:
            - eset-protect-server-config:/config
            - eset-protect-server-data:/data
            - eset-protect-server-logs:/logs
        ports: 
            - 2222:2222

    eset-protect-console:
        image: esetnederland/eset-protect-console
        depends_on: 
            - eset-protect-server
        restart: unless-stopped
        volumes:
            - eset-protect-console:/config
        ports: 
            - 8080:8080

volumes:
    mysql:
    eset-protect-server-config:
    eset-protect-server-data:
    eset-protect-server-logs:
    eset-protect-console:

 

I installed my licenses, did some basic configuration and tried to install / connect an linux agent ...

./agent-linux-x86_64.sh \
--skip-license \
--hostname=192.168.0.17 \
--port=2222 \
--webconsole-user=Administrator \
--webconsole-password=mypasswd \
--webconsole-port=8080

 

But the agent can not connect to the server or retrieve a certificate ...

The error message:

Getting certificate from server...
It is not possible to connect to the ESET PROTECT Server.

 

The logfile shows this ...
2024-03-19 19:51:28 Information: Installer: *******************************************
2024-03-19 19:51:28 Information: Installer: Initialized log file: /var/log/eset/RemoteAdministrator/EraAgentInstaller.log
2024-03-19 19:51:28 Information: Installer: Creating directories...
2024-03-19 19:51:28 Information: Installer: Creating 'config' directory path: /etc/opt/eset/RemoteAdministrator/Agent
2024-03-19 19:51:28 Information: Installer: Creating 'data' directory path: /var/opt/eset/RemoteAdministrator/Agent
2024-03-19 19:51:28 Information: Installer: Creating 'Pki Cache' directory path: /var/opt/eset/RemoteAdministrator/Agent/pki.eset.com/
2024-03-19 19:51:28 Information: Installer: Creating 'logs' directory path: /var/log/eset/RemoteAdministrator/Agent
2024-03-19 19:51:28 Information: Installer: Creating 'libs' directory path: /opt/eset/RemoteAdministrator/Agent
2024-03-19 19:51:28 Information: Installer: Directories created
2024-03-19 19:51:28 Information: Installer: The archive will be extracted to: /opt/eset/RemoteAdministrator/AgentInstallerData
2024-03-19 19:51:28 Information: Installer: Extracting, please wait...
2024-03-19 19:51:29 Information: Installer: The unpacked installer data will be moved to: /opt/eset/RemoteAdministrator/Agent
2024-03-19 19:51:29 Information: Installer: Checking OpenSSL ...
2024-03-19 19:51:29 Information: DepCheckOpenSSL: Action invoked with:  --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ********** --cert-auth-content ********** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ********** --cert-password ********** --cert-password-is-base64 ********** --cert-path "" --cert-temp-path "" --cert-to-check-password ********** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir "" --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir "" --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname "" --hostname-to-check "" --initial-static-group "" --installed "" --installed-version "" --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid "" --product-name Agent --proxy-http-hostname "" --proxy-http-password ********** --proxy-http-port 3128 --proxy-http-username ********** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ********** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator
2024-03-19 19:51:29 Information: DepCheckOpenSSL: Set output property: P_OPENSSL_VERSION = OpenSSL 3.0.11 19 Sep 2023
2024-03-19 19:51:29 Information: DepCheckOpenSSL: Return code: 0
2024-03-19 19:51:29 Information: Installer: Found: OpenSSL 3.0.11 19 Sep 2023
2024-03-19 19:51:29 Information: Installer: GUID loaded from config-file with value: b1c41e2d-7028-4866-b8d7-ec94a034b62b
2024-03-19 19:51:29 Information: Installer: Installed version loaded from config-file is: 11.0.503.0
2024-03-19 19:51:29 Information: Installer: Checking installed version ...
2024-03-19 19:51:29 Information: CheckVersion: Action invoked with:  --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ********** --cert-auth-content ********** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ********** --cert-password ********** --cert-password-is-base64 ********** --cert-path "" --cert-temp-path "" --cert-to-check-password ********** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname "" --hostname-to-check "" --initial-static-group "" --installed "" --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ********** --proxy-http-port 3128 --proxy-http-username ********** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ********** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator
2024-03-19 19:51:29 Information: CheckVersion: Set output property: P_VERSION_STATUS = REPAIR
2024-03-19 19:51:29 Information: CheckVersion: Return code: 0
2024-03-19 19:51:29 Information: Installer: Status of current installation is: REPAIR
2024-03-19 19:51:29 Information: Installer: Reading previous configuration settings
2024-03-19 19:51:29 Information: LoadInstalledData: Action invoked with:  --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ********** --cert-auth-content ********** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ********** --cert-password ********** --cert-password-is-base64 ********** --cert-path "" --cert-temp-path "" --cert-to-check-password ********** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname "" --hostname-to-check "" --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ********** --proxy-http-port 3128 --proxy-http-username ********** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ********** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator
2024-03-19 19:51:30 Information: Entering function: std::string Era::Setup::Common::CustomActions::CDatabaseReader::GetConfigEngineData(const string&)
2024-03-19 19:51:30 Information: Leaving function: std::string Era::Setup::Common::CustomActions::CDatabaseReader::GetConfigEngineData(const string&)
2024-03-19 19:51:30 Information: LoadInstalledData: Set output property: P_CONNECTION_CHOSEN = host
2024-03-19 19:51:30 Information: LoadInstalledData: Set output property: P_HOSTNAME = 192.168.0.247
2024-03-19 19:51:30 Information: LoadInstalledData: Set output property: P_PORT = 2222
2024-03-19 19:51:30 Information: LoadInstalledData: Return code: 0
2024-03-19 19:51:30 Information: Installer: Previous configuration read ('hostname': '192.168.0.247', 'port': 2222)
2024-03-19 19:51:30 Information: Installer: New connection settings are 'hostname': '192.168.0.17', 'port': 2222
2024-03-19 19:51:30 Information: Installer: Checking server connection...
2024-03-19 19:51:30 Information: CheckServerConnection: Action invoked with:  --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ********** --cert-auth-content ********** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ********** --cert-password ********** --cert-password-is-base64 ********** --cert-path "" --cert-temp-path "" --cert-to-check-password ********** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname 192.168.0.17 --hostname-to-check 192.168.0.17 --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ********** --proxy-http-port 3128 --proxy-http-username ********** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ********** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator
2024-03-19 19:51:30 Information: CheckServerConnection: Set output property: P_CONNECTION_CHOSEN = ipv4
2024-03-19 19:51:30 Information: CheckServerConnection: Return code: 0
2024-03-19 19:51:30 Information: CheckPortFormat: Action invoked with:  --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ********** --cert-auth-content ********** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ********** --cert-password ********** --cert-password-is-base64 ********** --cert-path "" --cert-temp-path "" --cert-to-check-password ********** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen ipv4 --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname 192.168.0.17 --hostname-to-check 192.168.0.17 --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check 2222 --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ********** --proxy-http-port 3128 --proxy-http-username ********** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ********** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator
2024-03-19 19:51:30 Information: CheckPortFormat: Set output property: P_PORT_TO_CHECK_STATUS = 0
2024-03-19 19:51:30 Information: CheckPortFormat: Return code: 0
2024-03-19 19:51:30 Information: Installer: Connection checked successfully.
2024-03-19 19:51:30 Information: Installer: Stopping running instance of eraagent.service
2024-03-19 19:51:31 Information: Installer: Getting certificate from server...
2024-03-19 19:51:31 Information: GetServerCertificate: Action invoked with:  --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ********** --cert-auth-content ********** --cert-auth-path "" --cert-auth-temp-path /opt/eset/RemoteAdministrator/Agent/setup/ca.der --cert-content ********** --cert-password ********** --cert-password-is-base64 ********** --cert-path "" --cert-temp-path /opt/eset/RemoteAdministrator/Agent/setup/peercert.pfx --cert-to-check-password ********** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen ipv4 --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname 192.168.0.17 --hostname-to-check 192.168.0.17 --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check 2222 --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ********** --proxy-http-port 3128 --proxy-http-username ********** --replication-interval "" --server-cert-temp-path /opt/eset/RemoteAdministrator/Agent/setup/servercert.der --upgrade "" --use-proxy 0 --webconsole-hostname 192.168.0.17 --webconsole-password ********** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator
2024-03-19 19:51:31 Information: GetServerCertificate: Set output property: P_SERVER_CONNECTION_STATUS = CONNECTION_ERROR
2024-03-19 19:51:31 Information: GetCertificatesFromServer: Following error occurred while trying to get certificates from server: Bad response type. Request is: {"Era.Common.DataDefinition.Network.Connection": {"host":"192.168.0.17","port":8080} } Response is:{"Era.ServerApi.SimpleResponse": {"result":false,"error":"ProtocolLayer: unsupported protocol version"} }
2024-03-19 19:51:31 Information: CServerAccess: Unloading server API library....
2024-03-19 19:51:31 Information: GetServerCertificate: Return code: 0
2024-03-19 19:51:31 Information: Installer: It is not possible to connect to the ESET PROTECT Server.
2024-03-19 19:51:31 Information: Installer: Cleaning up setup directories

 

Has anyone managed to run ESET protect as a docker container and connect a agent to the server? 

 

BTW: Firewall is off

 

Regards,

Andreas

 

Edited March 19 by abyss02