Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 8

ePO Agent Key Updater

This is one of the options for updates. What component does it represent, or rather what does this component represent?
7 Replies

RE: ePO Agent Key Updater

i'm encountering this as well. anyone can help?

RE: ePO Agent Key Updater

I'm not really sure, perhaps it's used to manage the public key used between ePO server and McAfee Agents...?

RE: ePO Agent Key Updater

I know this is an old thread, but I'm curious to know what this is as well.


RE: ePO Agent Key Updater

The below is in ePO's product guide, may be able to help you guys.

Agent-server secure communication (ASSC) keys
• The first time the agent communicates with the server, it sends its public key to the server.
• From then on, the server uses the agent public key to verify messages signed with the
agent's secret key.
• The server uses its own secret key to sign its message to the agent.
• The agent uses the server's public key to verify the agent's message.
• You can have multiple secure communication key pairs, but only one can be designated as
the master key.
• When the client agent key updater task runs (ePO Agent Key Updater 3.5.5), agents
using different public keys receive the current public key.
• If you are upgrading from ePolicy Orchestrator 3.6 or earlier, a legacy key is retained. If
you are upgrading from ePolicy Orchestrator 3.6.1, the legacy key is the master key by
default. If you are upgrading from ePolicy Orchestrator 4.0, the master key is unchanged.
Whether or not you upgrade from version 3.6.1 or 4.0, the existing keys are migrated to
your ePO 4.5 server.

Re: RE: ePO Agent Key Updater

So... does this mean there's no need to enable this update task if we're running ePO 4.5, upgraded from 4.0. As I understand the guide's extract, ePO 4.5 migrates the server key thus there should be no need for this update task, right?

I'm going to go with "if it ain't broken, don't touch it" approach, but would still like to understand as many of the features as possible.


Level 12
Report Inappropriate Content
Message 7 of 8

Re: RE: ePO Agent Key Updater

Ideally, you would want to keep the Key Updater enabled. This will run if there is a change in the keys (e.g you promote a new master key). If you disable this component, the agents will not be able to stay up-to-date with the latest keys.

Level 7
Report Inappropriate Content
Message 8 of 8

RE: ePO Agent Key Updater


Yes this updates keys, but should i enable this option?

Is this enabled in you´r installation? and if i enable or not is there any problems whith that?

Now it´s not enabled in update task.

I´m running epo 4.5, vs 8.5 and agent 4.0 with all the latest SP:s
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community