Regarding the issue with the expiring root cetificate-- - I have EPO 5.9 managing 500 servers using VS 8.8. I see that the primary certificate Is installed on the EPO server but does it need to be on all the endpoint servers also?
Solved! Go to Solution.
Yes, That is correct.
There is one Certificate which is getting expired on 30/05/2020.
You need to check below one:
Either the below one or AAA should be available:
The primary certificate that needs to be validated is in a customer's environment as below.
Subject | CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US |
Thumbprint | 2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E |
Expiration | 2038-01-18 5:59:59 PM |
To quickly determine if a system is running the primary certificate, an administrator can query for the existence of the following registry key:
Also this can checked from the MMC to see the certificate.
Having said that this should not affect you agent to service communication.
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!
HI All,
I'm able to push the same certificate through ePO, and it worked for all my Windows 2K8,12,16 servers for this I have used KB92948.
But my query is, I'm unable to find the certificate status of Win 2K0 and 2K3 servers in ePO. So is there any way to get the status of this in ePO? Kindly help. @vnaidu
Thanks in advance.
Hello @mmzathti
Thanks for your post.
MA communication to an On-Prem ePO server is not affected.
Additionally, You can refer the below KB article for cert related.
https://kc.mcafee.com/corporate/index?page=content&id=KB92937
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!
I'm sorry but I am still not clear on whether I need to do anything. My on-prem EPO server does have the good primary cert. Is that adequate?
Yes, That is correct.
There is one Certificate which is getting expired on 30/05/2020.
You need to check below one:
Either the below one or AAA should be available:
The primary certificate that needs to be validated is in a customer's environment as below.
Subject | CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US |
Thumbprint | 2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E |
Expiration | 2038-01-18 5:59:59 PM |
To quickly determine if a system is running the primary certificate, an administrator can query for the existence of the following registry key:
Also this can checked from the MMC to see the certificate.
Having said that this should not affect you agent to service communication.
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!
HI All,
I'm able to push the same certificate through ePO, and it worked for all my Windows 2K8,12,16 servers for this I have used KB92948.
But my query is, I'm unable to find the certificate status of Win 2K0 and 2K3 servers in ePO. So is there any way to get the status of this in ePO? Kindly help. @vnaidu
Thanks in advance.
Hi @Hemurali
Article https://kc.mcafee.com/corporate/index?page=content&id=KB92948 has the details how to query it from EPO.
Those OS are not supported any more and the provided tools are not tested on those OS.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA