Jump to content

Questions about completing [KB7930] Enable and apply Advanced security on your network using ESET PROTECT On-Prem


Recommended Posts

While waiting on the fix for Rocky-based on-prem appliance, I am enabling advanced security on my existing CentOS-based on-prem appliance (Server v11.0.199.0, Web Console v11.0.193.0) and I'm almost done. I've created the SHA256 cert authority and used it to sign new server and agent certificates. I've also applied the new SHA256 agent certificate to all of the ESET clients via an agent migration policy, which pointed them to the same server, but using the new agent certificate. So I've finished all steps up to the last one, step 10.

At the moment, the old Server certificate shows a 1 under "# of clients using", which I'm sure is the ESET Protect appliance although the Certificate Usage option is grayed out so I can't see for sure.

There is also an "Agent certificate for server assisted installation" certificate which shows 1 client using as well, which I can see is the ESET Protect appliance.

So, my first question is about the "Agent certificate for server assisted installation". Do I need to do anything about migrating this one?

My second question is about the ESET Protect appliance itself. That's the one device listed under Computers that I have NOT applied the agent migration policy to. Should I apply the new agent certificate via the migration policy to the ESET Protect appliance before performing the last step (Step 10) in KB7930, which is where I change to the new certificate under More->Settings->Connection->Change Certificate->Open certificate list, or does the last step handle that?

My last question is, once this is completed, should I remove the old certificates, or is it best to just leave them? Will they be left behind when I migrate to the coming Rocky-based appliance?
 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...