cancel
Showing results for 
Search instead for 
Did you mean: 

ePO 4.6 Software Product List Download Failure: Issue with Certificate

This is a new ePO 4.6 install on Windows 2008 R2 standard, SQL database is on a separate server.

Server Task Log details for task "Download Software Product List"

1/10/12 9:13:02 AM  Started: Download Software Product List 

1/10/12 9:13:03 AM  Downloading file D:\PROGRA~1\McAfee\EPOLIC~1\DB\licensed_products_list.xml.tmp. 

1/10/12 9:13:03 AM  Downloading file D:\PROGRA~1\McAfee\EPOLIC~1\DB\trial_products_list.xml.tmp. 

1/10/12 9:13:03 AM  Failed to download file D:\PROGRA~1\McAfee\EPOLIC~1\DB\licensed_products_list.xml.tmp. There was a connection error: Issue with the certificate (12175). 

1/10/12 9:13:03 AM  Failed to download file D:\PROGRA~1\McAfee\EPOLIC~1\DB\trial_products_list.xml.tmp. There was a connection error: Issue with the certificate (12175). 

1/10/12 9:13:03 AM  Failed to connect to the Software Catalog server. 

1/10/12 9:13:03 AM  Completed: Download Software Product List (Failed to download the products list due to "Failed to connect to the Software Catalog server.")

I've seen a couple other posts (https://community.mcafee.com/thread/38371?start=10&tstart=0) that make mention of this but no resolution is listed.  Per the previous discussion, I have found the ValiCert Class 3 Policy Validation Authority certificate and I have imported it into the Trusted Root Certification Authorities certificate container on the server running ePO, but I still get the same result when running the task Download Software Product List.  Can someone give me some direction on where to go next?

My Update Master Repository task is running successfully each hour.  I've confirmed the DAT file in the repository has updated the last couple days since I've had ePO v4.6 running.

Thanks,

Jim

7 Replies

Re: ePO 4.6 Software Product List Download Failure: Issue with Certificate

Is the ePO network traffic scanned by a web gateway (which is capable of scanning HTTPS traffic) ?

If so Software Manager will not work due to a false certificate ...

Regards Tom

Re: ePO 4.6 Software Product List Download Failure: Issue with Certificate

I've confirmed the task fails with this message either using our proxy server or bypassing around the proxy.  My network team has looked through their logs for all traffic to/from the ePO server and have confirmed there are no packets being blocked.

Re: ePO 4.6 Software Product List Download Failure: Issue with Certificate

You can also check the EPOAPSVR.LOG on the ePO Server´s install directory (DB\Logs).

What do you get as certificate if you open https://epo.mcafee.com directly on your epo server in IE ?

Bildschirmfoto 2012-01-13 um 10.43.12.png

pyc
Level 7
Report Inappropriate Content
Message 5 of 8

Re: ePO 4.6 Software Product List Download Failure: Issue with Certificate

Hi

I have also encountered similar issue.

I am using Microsoft Forefront TMG 2010 with HTTPS inspection disabled.

Valicert certificate has been imported to epo.

But the error still occurs.

The logs from TMG show no packets being blocked.

I cannot open https://epo.mcafee.com

Is it due to certificate validity?

Re: ePO 4.6 Software Product List Download Failure: Issue with Certificate

Hi pyc,

it is currently not possible to get around this issue without disabling the SSL Scanning on your gateway.

You cannot import the gateways SSL certificate in a way to make epo use this one instead of epo.mcafee.com for Software Manager.

Cheers Tom

Re: ePO 4.6 Software Product List Download Failure: Issue with Certificate

Hi metalhead

regarding the above comment

I have need to explain and justify this certificate checking to our IT Security guys to allow Software manager though the Firewall etc.

Is there any documentation that you are aware of, which explains the process?

Diolch

Paul

Re: ePO 4.6 Software Product List Download Failure: Issue with Certificate

Hi Paul,

afaik no - we got the info directly from McAfee support.

Regards TOm