vavramid 0 Posted March 30, 2016 Share Posted March 30, 2016 Dear All,Since the 5.0.22 clients updated their virus signature database into the 13249 version and afterwards , we are not able to open encrypted URL's using the HTTS. The 4.2.x clients do not face this issue.The following error is being receiving :Secure Connection FailedAn error occurred during a connection to support.oracle.com. Peer received a valid certificate, but access was denied. Error code: SSL_ERROR_ACCESS_DENIED_ALERT We rolled back in a previous versions( using ERA) and the HTTPS sites are working fine.ESET Endpoint Antivirus Clients versison : 5.0.22 & 4.2.76ESET Remote Administration (ERA) version : 5.2.26 Please advise. Thanks. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted March 30, 2016 Administrators Share Posted March 30, 2016 Please provide me with the output from ESET Log Collector as per the instructions at hxxp://support.eset.com/kb3466/ as it seems that access to the website was blocked for some reason. Link to comment Share on other sites More sharing options...
bluky 0 Posted March 30, 2016 Share Posted March 30, 2016 We had the same problem. For us, the problem was solved by upgrade AV clients to 5.0.2260.1 ( You can download it from Eset International page) Link to comment Share on other sites More sharing options...
JamesM 0 Posted March 31, 2016 Share Posted March 31, 2016 We are also seeing this problem with Endpoint 6.3.2016. Link to comment Share on other sites More sharing options...
Domo 4 Posted April 1, 2016 Share Posted April 1, 2016 Same problem Endpoint 5.0.2237.1. I think that the problem with outdated PROTOSCAN 1140 (20140806) module, unfortunately our mirror that is based on ESET Server security for Linux/BSD/Solaris 4.5.3 doesn't provide required module update and half of others new modules for some unknown reasons. Even with "Mirror PCU" option enabled. AFAIK the problem doesn't exist with PROTOSCAN 1173.15 (20160125). Local ESET tech support failed to help. Updating all machines to latest 5.0.2260.1 is not an option for me, so I'm waiting for an actual fix. ESET Log Collector logs: https://drive.google.com/open?id=0B7C2H94GCV43R0xFRDYzc0liY00 Link to comment Share on other sites More sharing options...
vavramid 0 Posted April 1, 2016 Author Share Posted April 1, 2016 Dear all, The problem solved when we implemented the following workaround. We used the ERA console so as to direct the clients to retrieve an update from the internet. As soon as they updated their signatures, we re-configured them in order to synchronized with our internal mirror update server. It seems that the client retrieve a signature that was not available for the mirror update server even though the server had the latest virus signature version. I know, it does not make sense but it is working. thanks. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted April 1, 2016 Administrators Share Posted April 1, 2016 Endoint v5 clients MUST update from a v5 mirror. If you use a mirror created by v4, you risk that v5 modules will not be updated and certainly the cloud reputation system LiveGrid nor Web control will not work either. LiveGrid is essential for early protection against new borne malware, otherwise there will be a big time gap between updates during which computers may not be protected against current malware. Link to comment Share on other sites More sharing options...
Domo 4 Posted April 1, 2016 Share Posted April 1, 2016 (edited) Endoint v5 clients MUST update from a v5 mirror. If you use a mirror created by v4, you risk that v5 modules will not be updated and certainly the cloud reputation system LiveGrid nor Web control will not work either. LiveGrid is essential for early protection against new borne malware, otherwise there will be a big time gap between updates during which computers may not be protected against current malware. Here's a list generated with v5 mirror (hxxp://update.eset.com/eset_upd/v5/) by ESET Server security for Linux/BSD/Solaris 4.5.3 : https://drive.google.com/open?id=0B7C2H94GCV43M3lGekw2LXlkVnM Update options screen: hxxp://i.imgur.com/bkRocEF.png Still no PROTOSCAN module update listed. Client shows 1140 (20140806) and ofc ssl problem remains... *EDIT* Also, why v5 mirror provides 8.0.312.0 client PCUs instead of 5.0.95.0 in my update.ver list, is it normal? *Edit* 2016-04-04. After some weekend testing I can safely confirm that the whole SSL error is indeed due to outdated Protoscan module on client's side and since no one at eset cares to fix modules file list for their server solutions, here's another quick and dirty workaround for those who don't want to force update their whole zoo to latest 5.0.2260.1. 1. Download Protoscan module bits manually (I'm on FreeBSD so gonna use console commands as examples): cd /your/mirror/dir/ fetch hxxp://eset_username:eset_password@update.eset.com/v5-rel-sta/mod_019_protoscan_1309/em019_32_l0.nup fetch hxxp://eset_username:eset_password@update.eset.com/v5-rel-sta/mod_019_protoscan_1309/em019_32_l1.nup Open up your mirror's update.ver file with your fav text editor and insert the following text: [PROTOSCAN0] platform=x86 versionid=1226 type=protoscan version=1226 (20151005) group=protoscan date=05.10.2015 file=em019_32_l0.nup buildregname=ProtoscanBuild build=1267 level=0 base=268435456 size=278075 category=engine [PROTOSCAN1] platform=x86 versionid=1173 type=protoscan version=1173.15 (20160125) group=protoscan date=25.01.2016 file=em019_32_l1.nup buildregname=ProtoscanBuild build=1309 level=1 base=1267 size=63419 category=engine Save && close && update clients. Done. Edited April 4, 2016 by Domo Link to comment Share on other sites More sharing options...
Recommended Posts