This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Installation failed

I get an error when I try to install Sophos Intercept X EAP in a win server 2022.

/cfs-file/__key/communityserver-discussions-components-files/302/SophosCloudInstaller_5F00_20220809_5F00_090558.log

Can anyone help me please to troubleshoot the problem?



This thread was automatically locked due to age.
Parents Reply Children
  • If this is a fresh installation of Windows Server, I suggest checking if your server recognizes the certificate the installer is signed with. This may be contributing to the issues you're experiencing. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Ok, I found this article

    https://support.sophos.com/support/s/article/KB-000043879?language=en_US

    I have followed it but I still get this errors, I installed the certificate that comes with the installer

    2022-08-11T09:04:00.7505209Z INFO : Subscription: Base
    2022-08-11T09:04:00.7505209Z INFO : SUL info: [V46381] SU::Handle::readRemoteMetadata + SU::Handle::readRemoteMetadata()
    2022-08-11T09:04:00.7505209Z INFO : SUL info: [V75884] SU::Metadata::readRemoteMetadata SU::Metadata::readRemoteMetadata()
    2022-08-11T09:04:00.7505209Z INFO : SUL info: [I40394] Downloading customer file from sophos:1:1
    2022-08-11T09:04:00.7505209Z INFO : SUL info: [V81533] SU::createCachedPackageSource about to create cached package source for sophos:1:1, url=sophos
    2022-08-11T09:04:00.7661766Z INFO : SUL info: [V81533] SU::createCachedPackageSource creating root package source for location: sophos:1:dci.sophosupd.com/update, path: 1/2c/12cbdbf1c383a79c5327aa85b3a53b73.dat
    2022-08-11T09:04:01.0365671Z WARNING : SUL error: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/update
    2022-08-11T09:04:01.0365671Z INFO : SUL info: [I19127] No proxy was used.
    2022-08-11T09:04:01.0365671Z INFO : SUL info: [I40394] Downloading customer file from sophos:2:1
    2022-08-11T09:04:01.0365671Z INFO : SUL info: [V81533] SU::createCachedPackageSource about to create cached package source for sophos:2:1, url=sophos
    2022-08-11T09:04:01.0365671Z INFO : SUL info: [V81533] SU::createCachedPackageSource creating root package source for location: sophos:1:dci.sophosupd.net/update, path: 1/2c/12cbdbf1c383a79c5327aa85b3a53b73.dat
    2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
    2022-08-11T09:04:01.3072954Z INFO : SUL info: [I19127] No proxy was used.
    2022-08-11T09:04:01.3072954Z INFO : SUL info: [I40394] Downloading customer file from sophos:3:1
    2022-08-11T09:04:01.3072954Z INFO : SUL info: [V81533] SU::createCachedPackageSource about to create cached package source for sophos:3:1, url=sophos
    2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E75373] Ran out of sophos aliases for this update source
    2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E72139] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
    2022-08-11T09:04:01.3072954Z INFO : SUL info: [I72139] No proxy was used.
    2022-08-11T09:04:01.3072954Z WARNING : SUL error: [E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/update
    2022-08-11T09:04:01.3072954Z ERROR : DownloadCommand::onRun() failed with std::exception: MetaDataScope::MetaDataScope failed with error code 5
    2022-08-11T09:04:01.3072954Z INFO : Command 'Download' completed with failure with reboot code '0' and error message 'Could not download software'.
    2022-08-11T09:04:01.3072954Z ERROR : Installation failed.
    2022-08-11T09:04:01.3072954Z INFO : Sending HTTP 'POST' request to: sophos/management/ep/install/events/endpoint/62cc95a5-02ff-54b8-eb6b-0a88e0217885
    2022-08-11T09:04:01.3072954Z INFO : Did not discover an URL for a PAC file
    2022-08-11T09:04:01.3072954Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
    2022-08-11T09:04:01.3072954Z INFO : Set security protocol: 00000800
    2022-08-11T09:04:01.3072954Z INFO : Opening connection to mcs2-cloudstation-eu-central-1.prod.hydra.sophos.com
    2022-08-11T09:04:01.3072954Z INFO : Sending request for connection confirmation through potential proxy
    2022-08-11T09:04:01.3072954Z INFO : Request content size: 0
    2022-08-11T09:04:01.3229838Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
    2022-08-11T09:04:01.3229838Z INFO : Subject certificate failed validation against root CA: SophosCA1
    2022-08-11T09:04:01.3229838Z INFO : Subject certificate failed validation against root CA: SophosCA2
    2022-08-11T09:04:01.3229838Z INFO : Certificate check succeeded
    2022-08-11T09:04:01.3229838Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
    2022-08-11T09:04:01.3550024Z INFO : Response status code: 200
    2022-08-11T09:04:01.3550024Z INFO : Response data size: 168
    2022-08-11T09:04:01.3550024Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
    2022-08-11T09:04:01.3550024Z INFO : Request content size: 1009
    2022-08-11T09:04:01.3550024Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
    2022-08-11T09:04:01.3550024Z INFO : Subject certificate failed validation against root CA: SophosCA1
    2022-08-11T09:04:01.3550024Z INFO : Subject certificate failed validation against root CA: SophosCA2
    2022-08-11T09:04:01.3550024Z INFO : Certificate check succeeded
    2022-08-11T09:04:01.3550024Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
    2022-08-11T09:04:01.4189473Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
    2022-08-11T09:04:01.4189473Z INFO : Subject certificate failed validation against root CA: SophosCA1
    2022-08-11T09:04:01.4189473Z INFO : Subject certificate failed validation against root CA: SophosCA2
    2022-08-11T09:04:01.4272822Z INFO : Certificate check succeeded
    2022-08-11T09:04:01.4272822Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
    2022-08-11T09:04:01.4272822Z INFO : Response status code: 200
    2022-08-11T09:04:01.4272822Z INFO : Response data size: 0

  • Were the following steps successful when accessing the digicert website? 

    1. Open an internet browser session.
    2. Access this website.
    3. If you see the following response, the root certificate is trusted and the installation/upgrade should complete on the next update:....

    I suspect you will need to install the root certificate, which is the parent in the certification chain and allows the installer to be verified. This is the "DigiCert Trusted Root G4" certificate. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • I have downloaded this cert and installed this cert and the problem persist, any other idea?

    cacerts.digicert.com/DigiCertTrustedRootG4.crt

  • There may be an issue on the license side. I've reached out to you via PM to inquire further. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids