This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Relay and Cache Server could not update because wrong proxy

Hello @all,

our win 2016 Server with installed relay and cache server are using a wrong proxy configuration:

 Trying update service URL sus.sophosupd.com/.../dae1076b-8473-4c45-8c3a-076246744ca6 with proxy: 87.xx.xx.94:443

On Central, I have changed the proxy and disable that, but our server are still using the wrong proxy.

Where can we change that?

Many thanks in advance!

TBC



This thread was automatically locked due to age.
  • Here are some more information about the installation:

    starting setup with: SophosSetup.exe --messagerelays=bc2.dom.com:8190

    Logfile:

    2022-09-27T11:02:12.3002920Z INFO : Running C:\\Temp\\SophosSetup-793469817\\Setup.exe
    2022-09-27T11:02:12.3002920Z INFO : Stage 1 command-line options:
    2022-09-27T11:02:12.3002920Z INFO : ---
    2022-09-27T11:02:12.3002920Z INFO : Quiet mode on: 0
    2022-09-27T11:02:12.3002920Z INFO : Automatic Proxy detection disabled: 0
    2022-09-27T11:02:12.3002920Z INFO : No feedback mode on: 0
    2022-09-27T11:02:12.3002920Z INFO : Dump feedback enabled: 0
    2022-09-27T11:02:12.3002920Z INFO : Bypass competitor removal: 0
    2022-09-27T11:02:12.3002920Z INFO : Using CRT catalog file path: --
    2022-09-27T11:02:12.3159184Z INFO : Only register endpoint with Central: 0
    2022-09-27T11:02:12.3159184Z INFO : Log messages between endpoint and Central: 0
    2022-09-27T11:02:12.3159184Z INFO : Log command-line passed to executables: 0
    2022-09-27T11:02:12.3159184Z INFO : Using custom server that hosts the installer stage2 filename: --
    2022-09-27T11:02:12.3159184Z INFO : Using cloud group: --
    2022-09-27T11:02:12.3159184Z INFO : Overriding computer name: --
    2022-09-27T11:02:12.3159184Z INFO : Overriding computer description: --
    2022-09-27T11:02:12.3159184Z INFO : Overriding domain name: --
    2022-09-27T11:02:12.3159184Z INFO : Language will be set to: --
    2022-09-27T11:02:12.3159184Z INFO : Using message relays: bc2.dom.com.com:8190
    2022-09-27T11:02:12.3159184Z INFO : Proxy address: --
    2022-09-27T11:02:12.3159184Z INFO : Proxy user name: --
    2022-09-27T11:02:12.3159184Z INFO : Using custom customer token: --
    2022-09-27T11:02:12.3159184Z INFO : Using specified products: --
    2022-09-27T11:02:12.3159184Z INFO : Using certificates from the program data folder: 0
    2022-09-27T11:02:12.3159184Z INFO : Setting non-persistent image: 0
    2022-09-27T11:02:12.3159184Z INFO : Setting gold image: 0
    2022-09-27T11:02:12.3159184Z INFO : MCS registration timeout for golden image: --
    2022-09-27T11:02:12.3159184Z INFO : Using custom customer ID: --
    2022-09-27T11:02:12.3159184Z INFO : Using specified user ID: --
    2022-09-27T11:02:12.3159184Z INFO : Using local install source: --
    2022-09-27T11:02:12.3159184Z INFO : Invoked as part of SEC migration: 0
    2022-09-27T11:02:12.3159184Z INFO : ---
    2022-09-27T11:02:12.3159184Z INFO : Detected architecture: 2
    2022-09-27T11:02:12.3159184Z INFO : Using x86 program files for stage 2
    2022-09-27T11:02:12.3159184Z INFO : Target path: C:\\Program Files (x86)\\Sophos\\CloudInstaller
    2022-09-27T11:02:12.3783737Z INFO : About to delete: C:\\Program Files (x86)\\Sophos\\CloudInstaller
    2022-09-27T11:02:12.3783737Z INFO : Folder not present, nothing to delete
    2022-09-27T11:02:12.3783737Z INFO : Running on x64, requesting x86 Stage2
    2022-09-27T11:02:12.3783737Z INFO : Sending HTTP 'POST' request to: api/download/stage2-details/3de3ff2f-f178-4315-a672-0cc085c64dc7
    2022-09-27T11:02:12.3783737Z INFO : Did not discover an URL for a PAC file
    2022-09-27T11:02:12.3783737Z INFO : Attempting to connect using proxy 'bc2.dom.com:8190' of type 'Message Relay'.
    2022-09-27T11:02:12.3783737Z INFO : Set security protocol: 00000800
    2022-09-27T11:02:12.3783737Z INFO : Opening connection to api-cloudstation-eu-central-1.prod.hydra.sophos.com
    2022-09-27T11:02:12.3783737Z INFO : Request content size: 30
    2022-09-27T11:02:12.4252771Z INFO : Sending request
    2022-09-27T11:02:12.4252771Z INFO : Request sent
    2022-09-27T11:02:12.4252771Z INFO : Sending request
    2022-09-27T11:02:12.4252771Z INFO : Request sent
    2022-09-27T11:02:12.4252771Z INFO : Response status code: 200
    2022-09-27T11:02:12.4252771Z INFO : Response data size: 3326
    2022-09-27T11:02:12.4252771Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
    2022-09-27T11:02:12.4408756Z INFO : Parsing message received for Stage 2 filename: '<!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=8; IE=EDGE"> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { height: 100%; font-family: Helvetica, Arial, sans-serif; color: #6a6a6a; margin: 0; display: flex; align-items: center; justify-content: center; } input[type=date], input[type=email], input[type=number], input[type=password], input[type=search], input[type=tel], input[type=text], input[type=time], input[type=url], select, textarea { color: #262626; vertical-align: baseline; margin: .2em; border-style: solid; border-width: 1px; border-color: #a9a9a9; background-color: #fff; box-sizing: border-box; padding: 2px .5em; appearance: none; border-radius: 0; } input:focus { border-color: #646464; box-shadow: 0 0 1px 0 #a2a2a2; outline: 0; } button { padding: .5em 1em; border: 1px solid; border-radius: 3px; min-width: 6em; font-weight: 400; font-size: .8em; cursor: pointer; } button.primary { color: #fff; background-color: rgb(47, 113, 178); border-color: rgb(34, 103, 173); } .message-container { height: 500px; width: 600px; padding: 0; margin: 10px; } .logo { background: url(/XX/YY/ZZ/CI/EECENCMEPGHGPG) no-repeat left center; height: 267px; object-fit: contain; } table { background-color: #fff; border-spacing: 0; margin: 1em; } table > tbody > tr > td:first-of-type:not([colspan]) { white-space: nowrap; color: rgba(0,0,0,.5); } table > tbody > tr > td:first-of-type { vertical-align: top; } table > tbody > tr > td { padding: .3em .3em; } .field { display: table-row; } .field > :first-child { display: table-cell; width: 20%; } .field.single > :first-child { display: inline; } .field > :not(:first-child) { width: auto; max-width: 100%; display: inline-flex; align-items: baseline; virtical-align: top; box-sizing: border-box; margin: .3em; } .field > :not(:first-child) > input { width: 230px; } .form-footer { display: inline-flex; justify-content: flex-start; } .form-footer > * { margin: 1em; } .text-scrollable { overflow: auto; height: 150px; border: 1px solid rgb(200, 200, 200); padding: 5px; font-size: 1em; } .text-centered { text-align: center; } .text-container { margin: 1em 1.5em; } .flex-container { display: flex; } .flex-container.column { flex-direction: column; } </style> <title> Firewall Authentication </title> </head> <body> <div class="message-container"> <div class="logo"> </div> <h1> Testlabor Internet Proxy <br> Zugang nur für autorisierte Benutzer </h1> <form action="/XX/YY/ZZ/AUTH" method="post"> <input type="hidden" name="4Tredir" value="https://api-cloudstation-eu-central-1.prod.hydra.sophos.com/api/download/stage2-details/3de3ff2f-f178-4315-a672-0cc085c64dc7"> <input type="hidden" name="magic" value="655038159"> <input type="hidden" name="4Tmthd" value="1"> <p> Please enter your username and password to continue. </p> <div class="field"> <label for="ft_un"> TL-User: </label> <div> <input name="username" id="ft_un" type="text" autocorrect="off" autocapitalize="off"> </div> </div> <div class="field"> <label for="ft_pd"> TL-PWD: </label> <div> <input name="password" id="ft_pd" type="password" autocomplete="off"> </div> </div> <div class="form-footer"> <button class="primary" type="submit"> Login </button> </div> </form> </div> </body></html>\r\n'
    2022-09-27T11:02:12.4408756Z INFO : Cleaning up extracted files
    2022-09-27T11:02:12.4408756Z ERROR : Error downloading/running stage 2: Error parsing json file for Stage 2 filename: Unknown token: enJson content was :<!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=8; IE=EDGE"> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { height: 100%; font-family: Helvetica, Arial, sans-serif; color: #6a6a6a; margin: 0; display: flex; align-items: center; justify-content: center; } input[type=date], input[type=email], input[type=number], input[type=password], input[type=search], input[type=tel], input[type=text], input[type=time], input[type=url], select, textarea { color: #262626; vertical-align: baseline; margin: .2em; border-style: solid; border-width: 1px; border-color: #a9a9a9; background-color: #fff; box-sizing: border-box; padding: 2px .5em; appearance: none; border-radius: 0; } input:focus { border-color: #646464; box-shadow: 0 0 1px 0 #a2a2a2; outline: 0; } button { padding: .5em 1em; border: 1px solid; border-radius: 3px; min-width: 6em; font-weight: 400; font-size: .8em; cursor: pointer; } button.primary { color: #fff; background-color: rgb(47, 113, 178); border-color: rgb(34, 103, 173); } .message-container { height: 500px; width: 600px; padding: 0; margin: 10px; } .logo { background: url(/XX/YY/ZZ/CI/EECENCMEPGHGPG) no-repeat left center; height: 267px; object-fit: contain; } table { background-color: #fff; border-spacing: 0; margin: 1em; } table > tbody > tr > td:first-of-type:not([colspan]) { white-space: nowrap; color: rgba(0,0,0,.5); } table > tbody > tr > td:first-of-type { vertical-align: top; } table > tbody > tr > td { padding: .3em .3em; } .field { display: table-row; } .field > :first-child { display: table-cell; width: 20%; } .field.single > :first-child { display: inline; } .field > :not(:first-child) { width: auto; max-width: 100%; display: inline-flex; align-items: baseline; virtical-align: top; box-sizing: border-box; margin: .3em; } .field > :not(:first-child) > input { width: 230px; } .form-footer { display: inline-flex; justify-content: flex-start; } .form-footer > * { margin: 1em; } .text-scrollable { overflow: auto; height: 150px; border: 1px solid rgb(200, 200, 200); padding: 5px; font-size: 1em; } .text-centered { text-align: center; } .text-container { margin: 1em 1.5em; } .flex-container { display: flex; } .flex-container.column { flex-direction: column; } </style> <title> Firewall Authentication </title> </head> <body> <div class="message-container"> <div class="logo"> </div> <h1> Testlabor Internet Proxy <br> Zugang nur für autorisierte Benutzer </h1> <form action="/XX/YY/ZZ/AUTH" method="post"> <input type="hidden" name="4Tredir" value="https://api-cloudstation-eu-central-1.prod.hydra.sophos.com/api/download/stage2-details/3de3ff2f-f178-4315-a672-0cc085c64dc7"> <input type="hidden" name="magic" value="655038159"> <input type="hidden" name="4Tmthd" value="1"> <p> Please enter your username and password to continue. </p> <div class="field"> <label for="ft_un"> TL-User: </label> <div> <input name="username" id="ft_un" type="text" autocorrect="off" autocapitalize="off"> </div> </div> <div class="field"> <label for="ft_pd"> TL-PWD: </label> <div> <input name="password" id="ft_pd" type="password" autocomplete="off"> </div> </div> <div class="form-footer"> <button class="primary" type="submit"> Login </button> </div> </form> </div> </body></html>\r\n
    

    hope that one helps.

    many thanks

  • Hello TBC, TheBob or whatever your name,

    the proxy's response is a web-form and says Zugang nur für autorisierte Benutzer.

    Christian

  • Thanks for pointing this out, Christian! 

    , Do you know if there are any other proxies between the endpoint and the Message Relay server? You may want to try the Proxy username and Proxy password options if this is the case.

    The Message Relay server should not require endpoints to authenticate to connect. The installer package you are using will include the necessary information to authenticate through. Try downloading a new installer package to see if this returns different results.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hello Qoosh,
    hallo Christian,

    we have for Client a proxy with authentication and for update Server a proxy without any authentication.

    The proxy using SSL Inspection

    On a server where Endpoint and Cache Relay are running, there is also WSUS running. On that one we don't need on Browser any proxy setting.

    On client with proxy and with authentication, I try to install the endpoint client, but without luck.

    First try was on client side without winhttp proxy:

    2022-09-28T07:50:45.0525504Z INFO : Running C:\\Temp\\SophosSetup-1187020342\\Setup.exe
    2022-09-28T07:50:45.0525504Z INFO : Stage 1 command-line options:
    2022-09-28T07:50:45.0525504Z INFO : ---
    2022-09-28T07:50:45.0525504Z INFO : Quiet mode on: 0
    2022-09-28T07:50:45.0525504Z INFO : Automatic Proxy detection disabled: 0
    2022-09-28T07:50:45.0525504Z INFO : No feedback mode on: 0
    2022-09-28T07:50:45.0525504Z INFO : Dump feedback enabled: 0
    2022-09-28T07:50:45.0525504Z INFO : Bypass competitor removal: 0
    2022-09-28T07:50:45.0525504Z INFO : Using CRT catalog file path: --
    2022-09-28T07:50:45.0525504Z INFO : Only register endpoint with Central: 0
    2022-09-28T07:50:45.0525504Z INFO : Log messages between endpoint and Central: 0
    2022-09-28T07:50:45.0525504Z INFO : Log command-line passed to executables: 0
    2022-09-28T07:50:45.0525504Z INFO : Using custom server that hosts the installer stage2 filename: --
    2022-09-28T07:50:45.0525504Z INFO : Using cloud group: --
    2022-09-28T07:50:45.0525504Z INFO : Overriding computer name: --
    2022-09-28T07:50:45.0525504Z INFO : Overriding computer description: --
    2022-09-28T07:50:45.0525504Z INFO : Overriding domain name: --
    2022-09-28T07:50:45.0525504Z INFO : Language will be set to: --
    2022-09-28T07:50:45.0525504Z INFO : Using message relays: 192.168.18.246
    2022-09-28T07:50:45.0525504Z INFO : Proxy address: --
    2022-09-28T07:50:45.0525504Z INFO : Proxy user name: --
    2022-09-28T07:50:45.0525504Z INFO : Using custom customer token: --
    2022-09-28T07:50:45.0525504Z INFO : Using specified products: --
    2022-09-28T07:50:45.0525504Z INFO : Using certificates from the program data folder: 0
    2022-09-28T07:50:45.0525504Z INFO : Setting non-persistent image: 0
    2022-09-28T07:50:45.0525504Z INFO : Setting gold image: 0
    2022-09-28T07:50:45.0525504Z INFO : MCS registration timeout for golden image: --
    2022-09-28T07:50:45.0525504Z INFO : Using custom customer ID: --
    2022-09-28T07:50:45.0525504Z INFO : Using specified user ID: --
    2022-09-28T07:50:45.0525504Z INFO : Using local install source: --
    2022-09-28T07:50:45.0525504Z INFO : Invoked as part of SEC migration: 0
    2022-09-28T07:50:45.0525504Z INFO : ---
    2022-09-28T07:50:45.0525504Z INFO : Detected architecture: 2
    2022-09-28T07:50:45.0525504Z INFO : Using x86 program files for stage 2
    2022-09-28T07:50:45.0525504Z INFO : Target path: C:\\Program Files (x86)\\Sophos\\CloudInstaller
    2022-09-28T07:50:45.1150452Z INFO : About to delete: C:\\Program Files (x86)\\Sophos\\CloudInstaller
    2022-09-28T07:50:45.1150452Z INFO : Folder not present, nothing to delete
    2022-09-28T07:50:45.1150452Z INFO : Running on x64, requesting x86 Stage2
    2022-09-28T07:50:45.1150452Z INFO : Sending HTTP 'POST' request to: api/download/stage2-details/3de3ff2f-f178-4315-a672-0cc085c64dc7
    2022-09-28T07:50:45.1150452Z INFO : Did not discover an URL for a PAC file
    2022-09-28T07:50:45.1150452Z INFO : Attempting to connect using proxy '192.168.18.246' of type 'Message Relay'.
    2022-09-28T07:50:45.1150452Z INFO : Set security protocol: 00000800
    2022-09-28T07:50:45.1150452Z INFO : Opening connection to api-cloudstation-eu-central-1.prod.hydra.sophos.com
    2022-09-28T07:50:45.1150452Z INFO : Request content size: 30
    2022-09-28T07:50:45.1306675Z INFO : Response status code: 400
    2022-09-28T07:50:45.1306675Z INFO : Response data size: 0
    2022-09-28T07:50:45.1306675Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 400
    2022-09-28T07:50:45.1306675Z INFO : Failed to connect using proxy '192.168.18.246' with error: Bad response from new connection: status code=400
    2022-09-28T07:50:45.1306675Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
    2022-09-28T07:50:45.1306675Z INFO : Set security protocol: 00000800
    2022-09-28T07:50:45.1306675Z INFO : Opening connection to api-cloudstation-eu-central-1.prod.hydra.sophos.com
    2022-09-28T07:50:45.1306675Z INFO : Request content size: 30
    2022-09-28T07:50:47.5529971Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.5842743Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.5842743Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.5842743Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.6155578Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.6155578Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.6328865Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.6621720Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.6621720Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.6933999Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.6933999Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.7089189Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.7402427Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.7558861Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.7714654Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.7871679Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.8027460Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.8027460Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.8340523Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.8340523Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.8652150Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.8809194Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.8809194Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.9121177Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.9121177Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.9493646Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.9493646Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.9588855Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:47.9901128Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.0057845Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.0214680Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.0340521Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.0528349Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.0528349Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.0841157Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.0998207Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.1154027Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.1154027Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.1342234Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.1624478Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.1624478Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.1936777Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.2091891Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.2405371Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.2562388Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.2874881Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.3187656Z INFO : FindMainWindow: pid=0
    2022-09-28T07:50:48.5343534Z INFO : FindMainWindow: pid=0
    2022-09-28T07:51:48.3047747Z ERROR : WinHttpSendRequest failed with error 12002
    2022-09-28T07:51:48.3047747Z INFO : Failed to connect using proxy '' with error: WinHttpSendRequest failed
    2022-09-28T07:51:48.3047747Z INFO : Cleaning up extracted files
    2022-09-28T07:51:48.3047747Z ERROR : Error downloading/running stage 2: Failed to get stage-2 info: Failed to connect with any proxy
    

    second try was with winhttp proxy

    2022-09-28T05:50:59.6064583Z INFO : Friendly OS Name: WIN10
    2022-09-28T05:50:59.6064583Z INFO : Is server?: 0
    2022-09-28T05:50:59.6221029Z INFO : Sending HTTP 'POST' request to: sophos/management/ep/install/deployment-info/3
    2022-09-28T05:50:59.6221029Z INFO : Did not discover an URL for a PAC file
    2022-09-28T05:50:59.6221029Z INFO : Discovered the system proxy http=proxy.dom.com:8888;https=proxy.dom.com:8888;ftp=port
    2022-09-28T05:50:59.6221029Z INFO : Attempting to connect using proxy '192.168.18.246' of type 'Message Relay'.
    2022-09-28T05:50:59.6221029Z INFO : Set security protocol: 00000800
    2022-09-28T05:50:59.6221029Z INFO : Opening connection to mcs2-cloudstation-eu-central-1.prod.hydra.sophos.com
    2022-09-28T05:50:59.6221029Z INFO : Sending request for connection confirmation through potential proxy
    2022-09-28T05:50:59.6221029Z INFO : Request content size: 0
    2022-09-28T05:50:59.6376258Z INFO : Response status code: 400
    2022-09-28T05:50:59.6376258Z INFO : Response data size: 0
    2022-09-28T05:50:59.6376258Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 400
    2022-09-28T05:50:59.6376258Z INFO : Failed to connect using proxy '192.168.18.246'
    2022-09-28T05:50:59.6376258Z INFO : Attempting to connect using proxy 'http=proxy.dom.com:8888;https=proxy.dom.com:8888;ftp=port' of type 'System'.
    2022-09-28T05:50:59.6376258Z INFO : Set security protocol: 00000800
    2022-09-28T05:50:59.6376258Z INFO : Opening connection to mcs2-cloudstation-eu-central-1.prod.hydra.sophos.com
    2022-09-28T05:50:59.6376258Z INFO : Sending request for connection confirmation through potential proxy
    2022-09-28T05:50:59.6376258Z INFO : Request content size: 0
    2022-09-28T05:50:59.7469978Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
    2022-09-28T05:50:59.7625111Z INFO : Subject certificate failed validation against root CA: SophosCA1
    2022-09-28T05:50:59.7625111Z INFO : Subject certificate failed validation against root CA: SophosCA2
    2022-09-28T05:50:59.7625111Z INFO : Subject certificate failed validation against root CA: Sophos SHA256 MCS Root CA3
    2022-09-28T05:50:59.7625111Z INFO : Subject certificate failed validation against root CA: Sophos SHA256 MCS Root CA4
    2022-09-28T05:50:59.7625111Z ERROR : Failed to validate server cert; terminating HTTP connection.
    2022-09-28T05:50:59.7625111Z ERROR : WinHttpSendRequest failed with certificate check failure and error 12017
    2022-09-28T05:50:59.7625111Z INFO : Failed to connect using proxy 'http=proxy.dom.com:8888;https=proxy.dom.com:8888;ftp=port' with error: WinHttpSendRequest failed: certificate check failure
    2022-09-28T05:50:59.7625111Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
    2022-09-28T05:50:59.7625111Z INFO : Set security protocol: 00000800
    2022-09-28T05:50:59.7625111Z INFO : Opening connection to mcs2-cloudstation-eu-central-1.prod.hydra.sophos.com
    2022-09-28T05:50:59.7625111Z INFO : Sending request for connection confirmation through potential proxy
    2022-09-28T05:50:59.7625111Z INFO : Request content size: 0
    2022-09-28T05:53:06.0902082Z ERROR : WinHttpSendRequest failed with error 12002
    2022-09-28T05:53:06.0902082Z INFO : Failed to connect using proxy '' with error: WinHttpSendRequest failed
    2022-09-28T05:53:06.0902082Z ERROR : HTTP error: Failed to connect with any proxy: certificate check failure
    2022-09-28T05:53:06.0902082Z ERROR : System Property Check: ValidDeploymentInfo - FAILED
    2022-09-28T05:53:06.1527057Z INFO : Running System Property Check: InstallationInProgress ...
    2022-09-28T05:53:06.1527057Z INFO : System Property Check: InstallationInProgress - PASSED
    2022-09-28T05:53:06.2158938Z INFO : Running System Property Check: SafeGuardEncryption ...
    2022-09-28T05:53:06.2158938Z INFO : Entered installedProductCode, upgradeCode={BA2F47D3-1C17-40E7-8DE7-1CD733442B6C}
    2022-09-28T05:53:06.2158938Z INFO : Product is not installed
    2022-09-28T05:53:06.2158938Z INFO : licensesContainFeature(DEVICE_ENCRYPTION): false
    2022-09-28T05:53:06.2158938Z INFO : System Property Check: SafeGuardEncryption - PASSED
    

    For me, it makes no sens to use a winhttp proxy on any device, and why I need a proxy for devices without any internet connections?

    Also, why is the certificate from mcs2-cloudstation-eu-central-1.prod.hydra.sophos.com invalid?

    Hope you can help. Many thanks

  • Hello TBC,

    not sure if I understand your setup correctly. I'll try to answer and explain a few things and maybe we can make some progress.

    What you see in the second try is:
    • a connection attempt to mcs2.... through the alleged relay 192.168.18.246. Question is, why is this just an IP and not (as in the log you previously posted) bc2.dom.com.com:8190? Connection is likely to a default port (80 or 443) and whatever listens there returns (not surprisingly) a 400 Bad Request• next attempt is with the system proxy proxy.dom.com:8888. You get the same error as on the 26th, then the cause was a missing root certificate - thought you have installed it so this error should no longer occur
    • last attempt is a direct connection which fails (as expected) with a timeout (12002)

    Your first try was without a proxy and naturally you simply get a timeout.

    Going back to your post on 23rd:
    wondering is that the timestamp in the Log is wrong - times in the log are UTC, assuming you're in Germany (from the Zugang message) or Italy (from the proxy address) a two hour offset is expected
    run update without any luck -  this server first tries the Manually configured proxy: 87.19.17.4:443. This fails with 12030 (The connection with the server has been reset or terminated, or an incompatible SSL protocol was encountered). Then it tries with the system proxy "https=fw-trzisp-02.db-trz.com:8880" and gets a timeout. Eventually it's Using update cache: bc2.dom.com:8191 and, as far as I can see, succeeds. Seems that bc2.dom.com is another cache, isn't it?

    it makes no sense to use a winhttp proxy on any device, and why I need a proxy for devices without any internet connections?
    The WinHTTP proxy is a fallback (as is the attempt to connect directly). And as far as Sophos is concerned you don't need an explicit (configured in  Central) or system (configured on the endpoint) proxy. All you need is a reachable server that acts a Update Cache and Message Relay. AFAIK this server could in turn use a UC/MR except for the UC and MR components.   

    Christian

  • Hello Christian,
    thank you for your comments.
    That sometimes the IP and sometimes the FQDN is in it, is due to the call with the corresponding parameter --messagerelay=.
    I have now found the error thanks to your explanations. The Installation took place without proxy with the Call: *.exe --messagerelays=IP/FQDN, somehow I have always overlooked that this should be so: *.exe --messagerelays=IP/FQDN:8190.

    Now it seems to work.
    I have deleted all proxy settings and had forgotten to enter the URL for Central: Zuzulassende Domänen und Ports

    Now everything seems to go so slowly, I watch again because a server still refuses :-)

    Many thanks to you both Christian and Qoosh!