After migrating your Enterprise Console to a new server, all managed endpoints fail to report into the new Enterprise Console. On the Enterprise Console server you will see a similar error to this in the Agent log.
Windows 2000/XP/2003: \Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\Agent\logs\ Windows Vista and above: \ProgramData\Sophos\Remote Management System\3\Agent\logs\
E Response received from CM is a failure response. E Failure reason: failed to validate certificate subject's purported identity. E std::exception: Caught CertRequesterLib::InternalErrorException (Certificate request failed. Failure reason: failed to validate certificate subject's purported identity.) ClientConnection::Reconnect()
First seen in
Enterprise Console 5.0.0
This is caused when the certificates from the old server is either imported incorrectly or not imported at all.
There are a number of different scenarios that can cause the same symptoms, each has been detailed below. This guide assumes you have knowledge on uninstalling applications as well as using the registry.
If the certificates were not imported during the migration process the client devices will fail authentication when communicating with the Enterprise Console server.
Certificates Imported After Installation
The order in which the certificates are imported is very important. If they are imported too late in the migration procedure, new certificates will already have been issued and assigned to various components on the server.
Certificates Not Updated For Your Platform
When moving from a 32-bit to 64-bit platform you need to update the registry entries to reflect Microsoft's new registry path used by 64-bit operating systems.
Tutti i commenti qui inseriti vengono letti (dal team di supporto), ma non verranno inviate risposte specifiche ad alcun quesito tecnico. Nel caso richiediate supporto tecnico, vi invitiamo a postare il vostro quesito nella nostra community. Altrimenti, se la richiesta di supporto riguarda un prodotto con licenza, vi invitiamo ad aprire un ticket per il team di supporto.