cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
mmzathti
Level 7
Report Inappropriate Content
Message 1 of 8
‎05-29-2020 08:48 AM

Root certificate expiration

Jump to solution

Regarding the issue with the expiring root cetificate-- - I  have EPO 5.9 managing 500 servers using VS 8.8. I see that the primary certificate Is installed on the EPO server but does it need to be on all the endpoint servers also?

0 Kudos
Reply
2 Solutions

Accepted Solutions
vivs
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 8
‎05-29-2020 11:08 AM

Re: Root certificate expiration

Jump to solution

Yes, That is correct.

There is one Certificate which is getting expired on 30/05/2020.

You need to check below one:

Either the below one or AAA should be available:

certcomm.PNG

The primary certificate that needs to be validated is in a customer's environment as below.

Subject      CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
Thumbprint   2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E
Expiration     2038-01-18 5:59:59 PM


To quickly determine if a system is running the primary certificate, an administrator can query for the existence of the following registry key:

Also this can checked from the MMC to see the certificate.

Having said that this should not affect you agent to service communication.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

0 Kudos
Reply
Hemurali
Level 8
Report Inappropriate Content
Message 5 of 8
‎05-30-2020 08:15 AM

Re: Root certificate expiration

Jump to solution

HI All,

I'm able to push the same certificate through ePO, and it worked for all my Windows 2K8,12,16 servers for this I have used KB92948.

But my query is, I'm unable to find the certificate status of Win 2K0 and 2K3 servers in ePO. So is there any way to get the status of this in ePO? Kindly help. @vnaidu 

Thanks in advance.

View solution in original post

0 Kudos
Reply
7 Replies
vivs
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 8
‎05-29-2020 10:28 AM

Re: Root certificate expiration

Jump to solution

Hello @mmzathti 

Thanks for your post.

MA communication to an On-Prem ePO server is not affected.

Additionally, You can refer the below KB article for cert related.

https://kc.mcafee.com/corporate/index?page=content&id=KB92937

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query! 

0 Kudos
Reply
mmzathti
Level 7
Report Inappropriate Content
Message 3 of 8
‎05-29-2020 10:41 AM

Re: Root certificate expiration

Jump to solution

I'm sorry but I am still not clear on whether I need to do anything.  My on-prem EPO server does have the good primary cert.  Is that adequate?

0 Kudos
Reply
vivs
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 8
‎05-29-2020 11:08 AM

Re: Root certificate expiration

Jump to solution

Yes, That is correct.

There is one Certificate which is getting expired on 30/05/2020.

You need to check below one:

Either the below one or AAA should be available:

certcomm.PNG

The primary certificate that needs to be validated is in a customer's environment as below.

Subject      CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
Thumbprint   2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E
Expiration     2038-01-18 5:59:59 PM


To quickly determine if a system is running the primary certificate, an administrator can query for the existence of the following registry key:

Also this can checked from the MMC to see the certificate.

Having said that this should not affect you agent to service communication.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

0 Kudos
Reply
Hemurali
Level 8
Report Inappropriate Content
Message 5 of 8
‎05-30-2020 08:15 AM

Re: Root certificate expiration

Jump to solution

HI All,

I'm able to push the same certificate through ePO, and it worked for all my Windows 2K8,12,16 servers for this I have used KB92948.

But my query is, I'm unable to find the certificate status of Win 2K0 and 2K3 servers in ePO. So is there any way to get the status of this in ePO? Kindly help. @vnaidu 

Thanks in advance.

View solution in original post

0 Kudos
Reply
patrakshar
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 8
‎05-30-2020 10:36 PM

Re: Root certificate expiration

Jump to solution

Hi @Hemurali 

Article https://kc.mcafee.com/corporate/index?page=content&id=KB92948 has the details how to query it from EPO.

0 Kudos
Reply
Hemurali
Level 8
Report Inappropriate Content
Message 7 of 8
‎05-30-2020 11:31 PM

Re: Root certificate expiration

Jump to solution
Hi @patrakshar,

Thanks for the reply. I have already followed the same KB for querying from ePO and I mentioned the same in my earlier post as well. But as per that KB, I think that only supports non EOL versions of Windows.

But I want to get the status of EOL(2000,2003/R2) Windows. Is there any way that we can get?
0 Kudos
Reply
patrakshar
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 8
‎05-31-2020 04:58 AM

Re: Root certificate expiration

Jump to solution

Those OS are not supported any more and the provided tools are not tested on those OS. 

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC