I get an error when I try to install Sophos Intercept X EAP in a win server 2022.
Can anyone help me please to troubleshoot the problem?
This thread was automatically locked due to age.
I get an error when I try to install Sophos Intercept X EAP in a win server 2022.
Can anyone help me please to troubleshoot the problem?
Hi l0rdraiden,
Thanks for reaching out to the Sophos Community Forum.
If this is the initial installation you're trying, do you know if white-listing has already been done on the surrounding network environment?
- Domains and ports to allow
You can also try accessing the update site manually through a web-browser to verify if it should be accessible on the affected device.
- http://dci.sophosupd.net
Ports 80 and 443 are open, there is no web proxy so all the urls are allowed
I can reach from the server
Connection Successful
Is a clean installation of windows server 2022 datacenter edition
I think the error is here but I don't know what DCI is.
2022-08-09T18:59:32.7846700Z WARNING : SUL error: [E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
2022-08-09T18:59:32.7846700Z ERROR : DownloadCommand::onRun() failed with std::exception: MetaDataScope::MetaDataScope failed with error code 5
2022-08-09T18:59:32.7846700Z INFO : Command 'Download' completed with failure with reboot code '0' and error message 'Could not download software'.
2022-08-09T18:59:32.7846700Z ERROR : Installation failed.
I found this post that might be related
But I don't know what credentials are we talking about, my sophos central credentials are working and I downloaded the installer from there
Ports 80 and 443 are open, there is no web proxy so all the urls are allowed
I can reach from the server
Connection Successful
Is a clean installation of windows server 2022 datacenter edition
I think the error is here but I don't know what DCI is.
2022-08-09T18:59:32.7846700Z WARNING : SUL error: [E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
2022-08-09T18:59:32.7846700Z ERROR : DownloadCommand::onRun() failed with std::exception: MetaDataScope::MetaDataScope failed with error code 5
2022-08-09T18:59:32.7846700Z INFO : Command 'Download' completed with failure with reboot code '0' and error message 'Could not download software'.
2022-08-09T18:59:32.7846700Z ERROR : Installation failed.
I found this post that might be related
But I don't know what credentials are we talking about, my sophos central credentials are working and I downloaded the installer from there
If this is a fresh installation of Windows Server, I suggest checking if your server recognizes the certificate the installer is signed with. This may be contributing to the issues you're experiencing.
Ok, I found this article
https://support.sophos.com/support/s/article/KB-000043879?language=en_US
I have followed it but I still get this errors, I installed the certificate that comes with the installer
2022-08-11T09:04:00.7505209Z INFO : Subscription: Base
2022-08-11T09:04:00.7505209Z INFO : SUL info: [V46381] SU::Handle::readRemoteMetadata + SU::Handle::readRemoteMetadata()
2022-08-11T09:04:00.7505209Z INFO : SUL info: [V75884] SU::Metadata::readRemoteMetadata SU::Metadata::readRemoteMetadata()
2022-08-11T09:04:00.7505209Z INFO : SUL info: [I40394] Downloading customer file from sophos:1:1
2022-08-11T09:04:00.7505209Z INFO : SUL info: [V81533] SU::createCachedPackageSource about to create cached package source for sophos:1:1, url=sophos
2022-08-11T09:04:00.7661766Z INFO : SUL info: [V81533] SU::createCachedPackageSource creating root package source for location: sophos:1:dci.sophosupd.com/update, path: 1/2c/12cbdbf1c383a79c5327aa85b3a53b73.dat
2022-08-11T09:04:01.0365671Z WARNING : SUL error: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/update
2022-08-11T09:04:01.0365671Z INFO : SUL info: [I19127] No proxy was used.
2022-08-11T09:04:01.0365671Z INFO : SUL info: [I40394] Downloading customer file from sophos:2:1
2022-08-11T09:04:01.0365671Z INFO : SUL info: [V81533] SU::createCachedPackageSource about to create cached package source for sophos:2:1, url=sophos
2022-08-11T09:04:01.0365671Z INFO : SUL info: [V81533] SU::createCachedPackageSource creating root package source for location: sophos:1:dci.sophosupd.net/update, path: 1/2c/12cbdbf1c383a79c5327aa85b3a53b73.dat
2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
2022-08-11T09:04:01.3072954Z INFO : SUL info: [I19127] No proxy was used.
2022-08-11T09:04:01.3072954Z INFO : SUL info: [I40394] Downloading customer file from sophos:3:1
2022-08-11T09:04:01.3072954Z INFO : SUL info: [V81533] SU::createCachedPackageSource about to create cached package source for sophos:3:1, url=sophos
2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E75373] Ran out of sophos aliases for this update source
2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E72139] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
2022-08-11T09:04:01.3072954Z INFO : SUL info: [I72139] No proxy was used.
2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
2022-08-11T09:04:01.3072954Z ERROR : DownloadCommand::onRun() failed with std::exception: MetaDataScope::MetaDataScope failed with error code 5
2022-08-11T09:04:01.3072954Z INFO : Command 'Download' completed with failure with reboot code '0' and error message 'Could not download software'.
2022-08-11T09:04:01.3072954Z ERROR : Installation failed.
2022-08-11T09:04:01.3072954Z INFO : Sending HTTP 'POST' request to: sophos/management/ep/install/events/endpoint/62cc95a5-02ff-54b8-eb6b-0a88e0217885
2022-08-11T09:04:01.3072954Z INFO : Did not discover an URL for a PAC file
2022-08-11T09:04:01.3072954Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
2022-08-11T09:04:01.3072954Z INFO : Set security protocol: 00000800
2022-08-11T09:04:01.3072954Z INFO : Opening connection to mcs2-cloudstation-eu-central-1.prod.hydra.sophos.com
2022-08-11T09:04:01.3072954Z INFO : Sending request for connection confirmation through potential proxy
2022-08-11T09:04:01.3072954Z INFO : Request content size: 0
2022-08-11T09:04:01.3229838Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2022-08-11T09:04:01.3229838Z INFO : Subject certificate failed validation against root CA: SophosCA1
2022-08-11T09:04:01.3229838Z INFO : Subject certificate failed validation against root CA: SophosCA2
2022-08-11T09:04:01.3229838Z INFO : Certificate check succeeded
2022-08-11T09:04:01.3229838Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2022-08-11T09:04:01.3550024Z INFO : Response status code: 200
2022-08-11T09:04:01.3550024Z INFO : Response data size: 168
2022-08-11T09:04:01.3550024Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
2022-08-11T09:04:01.3550024Z INFO : Request content size: 1009
2022-08-11T09:04:01.3550024Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2022-08-11T09:04:01.3550024Z INFO : Subject certificate failed validation against root CA: SophosCA1
2022-08-11T09:04:01.3550024Z INFO : Subject certificate failed validation against root CA: SophosCA2
2022-08-11T09:04:01.3550024Z INFO : Certificate check succeeded
2022-08-11T09:04:01.3550024Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2022-08-11T09:04:01.4189473Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2022-08-11T09:04:01.4189473Z INFO : Subject certificate failed validation against root CA: SophosCA1
2022-08-11T09:04:01.4189473Z INFO : Subject certificate failed validation against root CA: SophosCA2
2022-08-11T09:04:01.4272822Z INFO : Certificate check succeeded
2022-08-11T09:04:01.4272822Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2022-08-11T09:04:01.4272822Z INFO : Response status code: 200
2022-08-11T09:04:01.4272822Z INFO : Response data size: 0
Were the following steps successful when accessing the digicert website?
I suspect you will need to install the root certificate, which is the parent in the certification chain and allows the installer to be verified. This is the "DigiCert Trusted Root G4" certificate.
I have downloaded this cert and installed this cert and the problem persist, any other idea?
There may be an issue on the license side. I've reached out to you via PM to inquire further.