Jump to content

Peer Certificate is Invalid

Recommended Posts

Help! I've migrated another 35-user license to ERA6 and I'm in the process of rolling out packages. I've now tried three times and each time I get "Peer Certificate is Invalid when I install the agent.


This is the first certificate I've created since I did the .365 upgrade from .265, but I don't know if that matters. Also, I notice on my previous certificates the product is shown as agent but with the new certificate it's Agent (capital A). Again, I don't know if that matters.


Please can someone assist, or advise what may be wrong? The Agent Live Installer downloads fine, the Agent installs fine, and it connects to the ERA okay.  But within a few seconds the comptuer in ERA goes red and I see this error message.


Many thanks





Link to comment
Share on other sites

  • ESET Staff

Agent itself tries to verify its peer certificate. If agent is not able to verify its own peer certificate, then error "Peer Certificate is Invalid" will be generated to status log (status.html) and if possible, sent to a server.


My guess is that Agent certificate (new one) was signed with different certification authority than server certificate was signed with. During deployment you have used new Agent certificate and original certification authority - this is correct way because original certification authority was enough for agent to verify server certificate and on the other hand, server was able to verify new agent certificate as it has all certification authorities in database.


After first connection was successfully established, all trusted certification authorities from server were replicated to agent and from that moment agent was able to verify its own peer certificate and clear the error.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...