cancel
Showing results for 
Search instead for 
Did you mean: 

PKI and VSE 8.8 Patch 7 conflicts

To anyone operating in a Public Key Infrastructure environment (PKI), has anyone discovered an issue with using VSE 8.8 Patch 7? We are discovering Kerberos Windows Event log errors on both the client, and domain controller sides, stating that the certificate revocation server cannot be reached because it is offline. This is of course not true. When we revert to VSE 8.8 Patch 4, this issue goes away. When disabling VSE completely from ePO, this issue goes away, even if Patch 7 is installed.

Specifically, the domain controllers are receiving Windows Event ID 21, and the workstations are receiving Windows Event ID 9, and Event ID 8.

5 Replies

Re: PKI and VSE 8.8 Patch 7 conflicts

Hi greatscott

what do you mean by

When disabling VSE completely from ePO, this issue goes away, even if Patch 7 is installed
?

do you mean disabling VSE access protection or on-access scanner or completely removing vse?

best regards

Re: PKI and VSE 8.8 Patch 7 conflicts

When we disable, we disable it via all policy types (Access Protection, On Access, Buffer Overflow, etc). I am working on determining which piece of VSE will cause the system to break. And yes, the system will work properly when all VSE protections are disabled and P7 is installed.

Re: PKI and VSE 8.8 Patch 7 conflicts

Do you have Access Protection threat events regarding that issue? may be you need to exclude something!. Also try the latest hotfix may be it will help.

Highlighted

Re: PKI and VSE 8.8 Patch 7 conflicts

if you run vse p4 on the domain controller (pki server)  and vse p7 on the client side,  do you have same issue? I mean receiving Windows Event ID 9, and Event ID 8

Re: PKI and VSE 8.8 Patch 7 conflicts

Hi greatscott

any news? any progress?

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support
  • The McAfee ePO Support Center Plug-in is now available in the Software Manager. Follow the instructions in the Product Guide for more.