Jump to content

Migrate VA from CentoOS to Rocky Linux, no errors, but can't login to web console - communication error


Go to solution Solved by Marcos,

Recommended Posts

Posted

I've tried to migrate, I reinstalled the Rocky Linux VA 6 or 7 times without any error. I've tried with same IP and different IP methods. When I want to connect first time to Web Console with Administrator password I receive communication error. I've tried with Edge and Chrome from different computers and also with incognito mode. Searching the forum, I found that maybe it's something from Tomcat chiper config, but without success. Last time I installed Rocky Linux VA without pulling database from the other server, this is how logging in the web console works. 

 

Centos VA is up to date with the latest updates from Eset

version.PNG

Posted (edited)

Thank you Marcos, the solution worked perfect!

Another situation after migrating some PCs and servers:

On all Windows Server 2016 Standard (I have few) in console appear Configuration module has malfunctions. I've tried clear cache on client side and few restarts, but the message from console still remain. On client side (Windows Server 2016 Standard with Eset Server Security) I don't have any error.

P.S. I've seen that someone posted about LDAPS integration. This is also not working, will appreciate a procedure/update for it.

 

 

Edited by Ionut C.
Posted

I was able to configure LDAPS with help from Eset support. Same settings for Kerberos as CentOS and NTP server configured in chrony on Rocky Linux. 

Posted

I fought the same communication error for the last two days. Thank you for the solution.

Now on to the next issue ...

 

Posted

Hi Marcos,

Have a few follow-up questions about this process that aren't covered in the article. I've created the new VM with the Rocky-based appliance, imported the database, done the intiial configuration with a new IP address and FQDN. Then had to detour to deal with the SHA1 certificate problem. On the Rocky appliance, I've created the new SHA2 CA as well as the Server and Agent certificates. That's as far as I've gone. As of right now, none of the preexisting clients have been migrated over (waiting for that fix tomorrow so I can update the agents properly). Also, no full disk encryption in use here.

Question 1: Am I better off moving the clients over to the new server first, then waiting until they have all talked to the new server and picked up the SHA2 CA and certs, then change the connection certificate to the SHA2 server cert on the Rocky appliance, OR should I change the server certificate on the Rocky appliance first, revoke and remove the old SHA1 certificates, set the new SHA2 certificate as the connection certificate under settings and then migrate the clients over to that server (in other words, will they pick up the certificates from the new server when they are migrated over to it or does the certificate on the new appliance need to match the certificate on the old one for the migration to work properly)?

Question 2: Under Peer Certificates, there are four certificates, all of which were created on the same day and time I set up the original appliance in here. Server, Agent, Proxy and "Agent cert for server assisted installation". As per the instructions, I've created SHA2 Server and Agent certs using the SHA2 CA. The documents that I saw did not mention the other two at all. Do I need to worry about the other two certificates?

Question 3: Should I be deleting the old certs and CA or leaving them as-is? I'd kind of like to remove them at some point so as to be sure that nothing is using the old CA anymore. If not deleting, do I need to be leaving the old SHA1 CA intact and in place so those certs will continue to work, thereby punting that issue down the road to a further point?
 

  • 1 month later...
Posted
On 3/30/2024 at 5:49 PM, Ionut C. said:

 

Another situation after migrating some PCs and servers:

On all Windows Server 2016 Standard (I have few) in console appear Configuration module has malfunctions. I've tried clear cache on client side and few restarts, but the message from console still remain. On client side (Windows Server 2016 Standard with Eset Server Security) I don't have any error.

 

 

 

What was yout solution for the problem with the Server 2016? (configuration module has malfunctions) I´ve got the same problem.

  • Administrators
Posted
1 hour ago, ottl05 said:

What was yout solution for the problem with the Server 2016? (configuration module has malfunctions) I´ve got the same problem.

The error was reported on systems without SHA-256 code signing support which doesn't seem to be the case of Windows Server 2016. Please raise a support ticket for help with further troubleshooting.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...