4 Replies Latest reply on Sep 2, 2013 6:25 AM by bostjanc

    EPO 5.0.1 services not starting - ahcert.crt' does not exist or is empty

    bostjanc

      Greetings!

      Upgraded EPO from 4.6 to 5.0.1.

      EPO worked fine for awhile. We had run Windows update on server, restarted the server, and Epo continue working fine. Today we have stopped and tried to start Mcafee Server services, but it does not restart with no reason. Under event viewer we see error: >>> SSLCertificateFile: file 'C:/Program Files (x86)/McAfee/ePolicy Orchestrator/Apache2/conf/ssl.crt/ahcert.crt' does not exist or is empty.

       

      Any hints how to solve this problem

        • 1. Re: EPO 5.0.1 services not starting - ahcert.crt' does not exist or is empty
          hem

          I will recomend to regenerate the cert (step 12, KB#:KB66616).

          • 2. Re: EPO 5.0.1 services not starting - ahcert.crt' does not exist or is empty
            bostjanc

            Hem, thank you for your reply.

            i was having a problem with recreating it.

            When I ran:

            Rundll32.exe ahsetup.dll RunDllGenCerts servername 8443 adminaccount adminpassword "C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\conf\ssl.crt"

             

            I recieve an error about ahsetup.dll, probably because I was running the command while I was positioned in C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\conf\, but the dll is placed in C:\Program Files (x86)\McAfee\ePolicy Orchestrator\. After running the command in folder: C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\conf\, certificate is recreated but server service is still not starting.

             

            Now I have a different error:

            The Apache service named reported the following error:

            >>> Apache.exe: Syntax error on line 57 of C:/Program Files (x86)/McAfee/ePolicy Orchestrator/Apache2/conf/httpd.conf: ServerRoot must be a valid directory

            • 4. Re: EPO 5.0.1 services not starting - ahcert.crt' does not exist or is empty
              bostjanc

              Hi Hem.

              I have checked the httpd.conf file and saw there were path configured as: c:\progra~1.

              I have changed those paths to:

              ServerRoot "C:/Program Files (x86)/McAfee/ePolicy Orchestrator/Apache2"

              DocumentRoot "C:/Program Files (x86)/McAfee/ePolicy Orchestrator/DB"

              <Directory "C:/Program Files (x86)/McAfee/ePolicy Orchestrator/DB">

              ErrorLog "|C:/Program Files (x86)/McAfee/ePolicy Orchestrator/bin/rotatelogs.exe -l C:/Program Files (x86)/McAfee/ePolicy Orchestrator/Apache2/logs/errorlog.%Y-%m-%d 86400"

               

              Now I am able to start Mcafee SERVER service, but after the restart there are two errors in event log:

               

              The Apache service named reported the following error:

              >>> Warning: DocumentRoot [C:/Program Files/McAfee/EPOLIC~1/DB] does not exist .

               

              The Apache service named reported the following error:

              >>> [Mon Sep 02 13:18:02 2013] [notice] Disabled use of AcceptEx() WinSock2 API .