Showing results for 
Search instead for 
Did you mean: 

Splunk report shows SSL errors

Running ePO console version 5.9.1. Had to run a Splunk report against an Remote Agent Handler. It shows numerous SSL issues. Weak Hash Algorithm, SSL version 2 and 3, SSL cert with wrong hostname, SMB signing not required, SSL Cert cannot be trusted and TLS Protocol Crime Vulnerability. How do I clear up these and other SSL cert issues
2 Replies

Re: Splunk report shows SSL errors

My error I should have stated a Nessus scane not a Splunk.


Reliable Contributor Nielsb
Reliable Contributor
Report Inappropriate Content
Message 3 of 3

Re: Splunk report shows SSL errors

The ePO engineering team has researched the findings and concluded that ePO is not vulnerable to the reported findings because ports 8444 and 443 are not meant for browsing using a browser. They are accessed from the McAfee Agent (MA), or Agent Handler (AH) or other ePO internal service, and the certificate trust is built on OrionCA which is generated per ePO install.

Regarding the warnings, the exception noted for QID 38173 applies:

The ePO server and Agent Handler components communicate only with a restricted set of clients who have the trusted certificate chain. The CA certificate is not available publicly and cannot be verified remotely.


McAfee KB article:

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community