cancel
Showing results for 
Search instead for 
Did you mean: 

ePO does not use SSL/TLS connection. How can we upgrade it to use SSL for ePO DB connectivity

Jump to solution

ePO does not use SSL/TLS connection. How can we upgrade it to use SSL for ePO DB connectivity

1 Solution

Accepted Solutions
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: ePO does not use SSL/TLS connection. How can we upgrade it to use SSL for ePO DB connectivity

Jump to solution

KB84628 tells how to set up epo and sql to use certificate authentication to the database.  If you don't want to use certificate authentication, epo certainly does use ssl/tls.  See also KB87731.  Most of the failures in connectivity are due to incorrect cipher suite order, tls protocols not matching (one may have tls 1.0 disabled and the other enabled), sql is not set to use ssl (without certificate) or epo core/config ssl settings are incorrect. 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

4 Replies
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: ePO does not use SSL/TLS connection. How can we upgrade it to use SSL for ePO DB connectivity

Jump to solution

KB84628 tells how to set up epo and sql to use certificate authentication to the database.  If you don't want to use certificate authentication, epo certainly does use ssl/tls.  See also KB87731.  Most of the failures in connectivity are due to incorrect cipher suite order, tls protocols not matching (one may have tls 1.0 disabled and the other enabled), sql is not set to use ssl (without certificate) or epo core/config ssl settings are incorrect. 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee Hawkmoon
McAfee Employee
Report Inappropriate Content
Message 3 of 5

Re: ePO does not use SSL/TLS connection. How can we upgrade it to use SSL for ePO DB connectivity

Jump to solution

Hi alokmhatle,

Robot wink what cdinet said!!

In the 'core/config-auth' page there are 4 options available to you, the default being ' Try to use SSL'.

The others read:

  • Never use SSL
  • Always use SSL
  • Always use SSL and require a trusted certificate.

As cdinet explained above ePO will use SSL, the KB84628 (SB10120) covers this.- Configuration 2 for example!

Make a note of the current settings that you have and make the changes check the connection as needed!

 

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: ePO does not use SSL/TLS connection. How can we upgrade it to use SSL for ePO DB connectivity

Jump to solution

Team,

 

In the Configuration 2 of KB84628, we can see the steps are mentioned for ePO 4.6.9 and 5.3 only

We are using ePO 5.9.1. with SQL DB ver 2016. Are there any different steps for ePO 5.9.1

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: ePO does not use SSL/TLS connection. How can we upgrade it to use SSL for ePO DB connectivity

Jump to solution

Configuration 2 is for a rollup epo server - is that what you are using?  Configuration 1 and 2 have options for 5.3.3 and later, so yes, it applies if you follow steps in that section.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator