cancel
Showing results for 
Search instead for 
Did you mean: 

EPO Upgrade 5.1.0 to 5.3.3

Jump to solution
I am about ready to upgrade my EPO server to version 5.3.3. I know I am way late to the party!! I've been utilizing the EPO Pre-Install auditor v3.1.0.140 to be sure I'm ready for the upgrade. There are two informational items that were flagged by the tool. One is approximate time for upgrade to complete (informational identifier is colored blue). The other is keystore certificate key size validation could not be fetched. This is flagged by a grey colored informational icon. I've read through KB89995 and 81863 as referenced in the tool. KB89995 is the more applicable of the two at the moment. I've verified that the EPO cert is using a 2048bit key. The KB also mentions re-generating the self-signed cert and private key. I called McAfee tech support on Saturday afternoon to ask about the grey informational entry. I was referred to KB84628. Having read that KB, the recommendation is to upgrade to EPO 5.1.2 before I go to 5.3.3. That KB also references man in the middle remediation measures once the upgrade is complete. My question is – can I safely ignore the informational entry and proceed with the upgrade OR do I need to pay heed to that and go to EPO 5.1.2 first? Some other info – the SQL DB that EPO uses is hosted on the EPO server, so no external instance connection.
1 Solution

Accepted Solutions
McAfee Employee Hawkmoon
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: EPO Upgrade 5.1.0 to 5.3.3

Jump to solution

Hi David223,

The KB uses the word 'must', and as such I'd support the KB and say yes!

" Recommended Actions
ePO 5.3 and later users must apply the steps in Configurations 1 (A), 1 (B), and Configuration 2 below.
ePO 5.0.x and 5.1.x users must upgrade to ePO 5.1.2, and apply the steps in Configurations 1 (A), 1 (B), and 1 (C) below.
NOTE: These ePO versions are End of Life."

Which points out a concern I have, in that ePO 5.3.x is nearing its EOL as well - EOL: 31/3/19.
ePO End of Life page

An option for you to consider.
If you upgrade to 5.1.3 you can go to 5.9 ... !

Supported platforms, environments, and operating systems for ePolicy Orchestrator Technical Articles...

Might save you some repeat work for the future! 

 

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

4 Replies
McAfee Employee Hawkmoon
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: EPO Upgrade 5.1.0 to 5.3.3

Jump to solution

Hi David223,

The KB uses the word 'must', and as such I'd support the KB and say yes!

" Recommended Actions
ePO 5.3 and later users must apply the steps in Configurations 1 (A), 1 (B), and Configuration 2 below.
ePO 5.0.x and 5.1.x users must upgrade to ePO 5.1.2, and apply the steps in Configurations 1 (A), 1 (B), and 1 (C) below.
NOTE: These ePO versions are End of Life."

Which points out a concern I have, in that ePO 5.3.x is nearing its EOL as well - EOL: 31/3/19.
ePO End of Life page

An option for you to consider.
If you upgrade to 5.1.3 you can go to 5.9 ... !

Supported platforms, environments, and operating systems for ePolicy Orchestrator Technical Articles...

Might save you some repeat work for the future! 

 

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: EPO Upgrade 5.1.0 to 5.3.3

Jump to solution

Thank you for the reply. You make a good point about 5.1.3. I'll have to look at that.

McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: EPO Upgrade 5.1.0 to 5.3.3

Jump to solution

Please note though that KB 84628 is only applicable if you are implementing certificate validation - if you're not using this or planning to implement it, you can skip this KB. Having cert validation implemented is not a requirement for updating ePO.

 

Similarly if your browser cert is already 2048bit, then there's no need to regenerate it - it's only a problem if your ePO installation started life with a 1024bit cert and has been upgraded all the way from there.

HTH -

Joe

Re: EPO Upgrade 5.1.0 to 5.3.3

Jump to solution

Once you are successful upgrading to ePO 5.3.3 there are many reasons to go to ePO 5.10 not 5.9.1; time to install, bug/fixes and overall performance & features. Supporting documentation can be referenced at https://www.youtube.com/watch?v=3eIveWhDiXE .

ePO Support Center Plug-in
Check out the new ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.