Jump to content

ssl problem - SSL_ERROR_ACCESS_DENIED_ALERT


vavramid

Recommended Posts

Dear All,
Since the 5.0.22 clients updated their virus signature database into the 13249 version and afterwards , we are not able to open encrypted URL's using the HTTS.

The 4.2.x clients do not face this issue.

The following error is being receiving :

Secure Connection Failed
An error occurred during a connection to support.oracle.com. Peer received a valid certificate, but access was denied. Error code: SSL_ERROR_ACCESS_DENIED_ALERT

 

We rolled back in a previous versions( using ERA) and the HTTPS sites are working fine.


ESET Endpoint Antivirus Clients versison : 5.0.22 & 4.2.76
ESET Remote Administration (ERA) version : 5.2.26

post-11679-0-10526400-1459322653_thumb.jpg

 

Please advise.

Thanks.

Link to comment
Share on other sites

We had the same problem. For us, the problem was solved by upgrade AV clients to 5.0.2260.1  ( You can download it from Eset International page)

Link to comment
Share on other sites

Same problem Endpoint 5.0.2237.1. I think that the problem with outdated PROTOSCAN 1140 (20140806) module, unfortunately our mirror that is based on ESET Server security for Linux/BSD/Solaris 4.5.3 doesn't provide required module update and half of others new modules for some unknown reasons. Even with "Mirror PCU" option enabled.

AFAIK the problem doesn't exist with PROTOSCAN 1173.15 (20160125).

 

Local ESET tech support failed to help.

Updating all machines to latest 5.0.2260.1 is not an option for me, so I'm waiting for an actual fix.

 

ESET Log Collector logs: https://drive.google.com/open?id=0B7C2H94GCV43R0xFRDYzc0liY00

Link to comment
Share on other sites

Dear all,

The problem solved when we implemented the following workaround.

 

We used the ERA console so as to direct the clients to retrieve an update from the internet. As soon as they updated their signatures, we re-configured them in order to synchronized with our internal mirror update server.

 

It seems that the client retrieve a signature that was not available for the mirror update server even though the server had the latest  virus signature version.

I know, it does not make sense but it is working.

 

thanks.

Link to comment
Share on other sites

  • Administrators

Endoint v5 clients MUST update from a v5 mirror. If you use a mirror created by v4, you risk that v5 modules will not be updated and certainly the cloud reputation system LiveGrid nor Web control will not work either. LiveGrid is essential for early protection against new borne malware, otherwise there will be a big time gap between updates during which computers may not be protected against current malware.

Link to comment
Share on other sites

Endoint v5 clients MUST update from a v5 mirror. If you use a mirror created by v4, you risk that v5 modules will not be updated and certainly the cloud reputation system LiveGrid nor Web control will not work either. LiveGrid is essential for early protection against new borne malware, otherwise there will be a big time gap between updates during which computers may not be protected against current malware.

Here's a list generated with v5 mirror (hxxp://update.eset.com/eset_upd/v5/) by ESET Server security for Linux/BSD/Solaris 4.5.3 : https://drive.google.com/open?id=0B7C2H94GCV43M3lGekw2LXlkVnM

Update options screen: hxxp://i.imgur.com/bkRocEF.png

Still no PROTOSCAN module update listed. Client shows 1140 (20140806) and ofc ssl problem remains...

 

*EDIT* Also, why v5 mirror provides 8.0.312.0 client PCUs instead of 5.0.95.0 in my update.ver list, is it normal?

 

*Edit* 2016-04-04.

After some weekend testing I can safely confirm that the whole SSL error is indeed due to outdated Protoscan module on client's side and since no one at eset cares to fix modules file list for their server solutions, here's another quick and dirty workaround for those who don't want to force update their whole zoo to latest 5.0.2260.1.

1. Download Protoscan module bits manually (I'm on FreeBSD so gonna use console commands as examples):

cd /your/mirror/dir/
fetch hxxp://eset_username:eset_password@update.eset.com/v5-rel-sta/mod_019_protoscan_1309/em019_32_l0.nup
fetch hxxp://eset_username:eset_password@update.eset.com/v5-rel-sta/mod_019_protoscan_1309/em019_32_l1.nup

Open up your mirror's update.ver file with your fav text editor and insert the following text:

[PROTOSCAN0]
platform=x86
versionid=1226
type=protoscan
version=1226 (20151005)
group=protoscan
date=05.10.2015
file=em019_32_l0.nup
buildregname=ProtoscanBuild
build=1267
level=0
base=268435456
size=278075
category=engine
[PROTOSCAN1]
platform=x86
versionid=1173
type=protoscan
version=1173.15 (20160125)
group=protoscan
date=25.01.2016
file=em019_32_l1.nup
buildregname=ProtoscanBuild
build=1309
level=1
base=1267
size=63419
category=engine

Save && close && update clients. Done.

Edited by Domo
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...