The Sophos Community will be unavailable from 13:00 to 18:00 UTC this Saturday, October 1st for upgrades. Stay tuned to our Twitter account @SophosSupport for updates.
The following error is shown in the Sophos Remote Management (RMS) Router log:
[DATE] [TIME] E Router::Start: Caught Certificate request refused by certification manager, subject identity not proven
First seen in Enterprise Console 5.2.1 R2
The message router does not have a certificate.
The three identity keys held in the endpoint's registry must be present and match the the server's keys. The table in the section 'Cross reference of registry values to configuration values' below provides information that will allow you to cross reference the registry keys to the values in the mrinit.conf file.
If you determine that the values do not match, or are unsure if they match/the problem continues, perform the following:
Example of checking the RouterCertIdentityKey:
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.