This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Your device is not able to connect with the customer My Account server since the last 74 days. If the device fails to synchronize for 16 more day(s), it will be deactivated. Please {vrclicklink} to synchronize manually.

Since upgrading from V17.5 to 18.0.1.396 I have not been able to sync with Sophos as seen in the capture from the license.log file:

ERROR Sep 24 19:52:04 [4154307968]: Certificate signing Failed : Device not found...:(
ERROR Sep 24 19:52:04 [4154307968]: certificate signing request() : parsing failed...

INFO      Sep 24 18:59:05 [4154279296]: licensing_do_applianceupdate : request : { "serialNumber": "XXXXXXXXXXXX", "applianceAttributes": [ { "name": "firmwareVersion", "value": "18.0.1.396" } ] }
ERROR     Sep 24 18:59:05 [4154279296]: curl_easy_perform(58) failed: Problem with the local SSL certificate
ERROR     Sep 24 18:59:05 [4154279296]: licensing_do_applianceupdate() : Problem in contacting Server

I have tried regenerating the certificate and set the NTP to a local sources and updated.

the error still is happening.

I have noticed the firewall also has some Certificate authorities expired not sure if that will matter.

Can anyone help me?

This thread was automatically locked due to age.

Top Replies

LuCar Toni over 3 years ago in reply to CdnWolf +1

Depends on how fast you are. Preparing the Stick and booting the Stick with installation would take ~10 mins. Accessing the appliance via Port1 and giving the Backup another 5 mins.

Parents

0 emmosophos over 3 years ago

Hello CdnWolf,

Thank you for contacting the Sophos Community!

Could you please try the following:

# cd /content/licensing

# ls -lh

You will see two files

lic_csr.pem
lic_csr.key

Run the following commands:

cp lic_csr.pem lic_csr.pem.bk

cp lic_csr.key lic_csr.pem.key

rm lic_csr.pem

rm lic_csr.key

And go back to the GUI and try syn the license again.

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel

0 CdnWolf over 3 years ago in reply to emmosophos

When I go to do the list of files:

ls -lh

I do not see the two files:

lic_csr.pem

lic_csr.key

If from the GUI i run Sync the license again and quickly do a ls -lh I see the files get created then the sync fails and the files disappear again.

Here is the licensing log data (redacted of course):

INFO      Sep 25 17:19:27 [4154123648]: --requestType = 2
INFO      Sep 25 17:19:27 [4154123648]: --lastCheckCode = Redacted
INFO      Sep 25 17:19:27 [4154123648]: --cert = /content/licensing/lic_csr.pem
INFO      Sep 25 17:19:27 [4154123648]: --token = Token-Id:Redacted
INFO      Sep 25 17:19:27 [4154123648]: --key = /content/licensing/lic_csr.key
INFO      Sep 25 17:19:27 [4154123648]: URL : https://eu-prod-utm.soa.sophos.com/api/device/2/license
INFO      Sep 25 17:19:41 [4154123648]: response : {"errorCode":"ITSERVICELAYER_CLIENT_AUTHENTICATION_ERROR","message":"Authentication failed","statusCode":403,"trackingId":"Redacted"}
ERROR     Sep 25 17:19:41 [4154123648]: license_check failed : Authentication failed
ERROR     Sep 25 17:19:41 [4154123648]: licensing_do_licensecheck() :parsing response failed...
####################################################
generate certificate signing request (CSR)  Fri Sep 25 17:19:43 PDT 2020


Fri Sep 25 17:19:45 PDT 2020 certificate signing request generated with status :: 0


####################################################
INFO      Sep 25 17:19:45 [4153746816]: --requestType = 4
INFO      Sep 25 17:19:45 [4153746816]: --serial = Redacted
INFO      Sep 25 17:19:45 [4153746816]: --deviceid = Redacted
INFO      Sep 25 17:19:45 [4153746816]: --cert = /_conf/certificate/licensing/mfgr_vendor_SO.pem
INFO      Sep 25 17:19:45 [4153746816]: --key = /_conf/certificate/licensing/mfgr_vendor_SO.key
INFO      Sep 25 17:19:45 [4153746816]: URL : https://eu-prod-csr.soa.sophos.com/api/certificate/1/signing
INFO      Sep 25 17:19:45 [4153746816]: certificate_signing_request() : request : {                                             "serialNumber":"Redacted",                                       "deviceId":"Redacted",                                           "certificateSigningRequest":"-----BEGIN CERTIFICATE REQUEST-----
Redacted
-----END CERTIFICATE REQUEST-----
"}
INFO      Sep 25 17:19:46 [4153746816]: certificate_signing_request() : response : {"errorCode":"ITSERVICELAYER_DEVICE_NOTFOUND_ERROR","message":"Device not found","statusCode":404,"trackingId":"Redacted"}

ERROR     Sep 25 17:19:46 [4153746816]: Certificate signing Failed : Device not found...:(
ERROR     Sep 25 17:19:46 [4153746816]: certificate signing request() : parsing failed...
INFO      Sep 25 17:19:49 [4153902464]: --requestType = 8
INFO      Sep 25 17:19:49 [4153902464]: --serial = Redacted
INFO      Sep 25 17:19:49 [4153902464]: --fwversion = 18.0.1.396
INFO      Sep 25 17:19:49 [4153902464]: --cert = /content/licensing/lic_csr.pem
INFO      Sep 25 17:19:49 [4153902464]: --key = /content/licensing/lic_csr.key
INFO      Sep 25 17:19:49 [4153902464]: --token = Token-Id:Redacted
INFO      Sep 25 17:19:49 [4153902464]: URL : https://eu-prod-utm.soa.sophos.com/api/device/1/appliance
INFO      Sep 25 17:19:49 [4153902464]: licensing_do_applianceupdate : request : { "serialNumber": "Redacted", "applianceAttributes": [ { "name": "firmwareVersion", "value": "18.0.1.396" } ] }
ERROR     Sep 25 17:19:49 [4153902464]: curl_easy_perform(58) failed: Problem with the local SSL certificate
ERROR     Sep 25 17:19:49 [4153902464]: licensing_do_applianceupdate() : Problem in contacting Server

Any Other thoughts?

Reply