Video Screencast Help

Clients not reporting and updating after IIS cert replacement

Created: 20 Dec 2009 • Updated: 24 Jun 2010 | 4 comments

One of our admins replaced the IIS certificate on our SEPM server because it expires in a couple weeks (this was being done on lots of machines due to the expiration).  Since then, the vast majority of clients stopped reporting their status and stopped getting definitions updates.  Honestly, I only think new clients are the ones that are working properly.  I have about 4,000 clients not getting updates and 10 or so that are.

I'm contemplating restoring the old certificate, but we only have a couple weeks to figure out how to do this properly, since the cert expires.  Of course, there is the possibility the certificate change had nothing to do with this, but it seems too coincidental to have been something else.

I've tried a few things I found on the forum, like deleting the client out, but it does not solve the problem, best I can tell. Replacing the sylink.xml file on the machines doesn't seem to help either.

The sylink.log shows this entry:

<mfn_DoGetIndexFile200>Signature verification FAILED for Index File Content..

Any help or ideas would be appreciated. In case it matters, the new IIS certificate is a is a wildcard cert.

Comments 4 CommentsJump to latest comment

snekul's picture

Learned a bit more info, turns out the admin did change the cert inside SEPM as well.   Now this all makes sense.  I'm going to restore the previous cert, but I am wondering what is the proper procedure for replacing a certificate that is going to expire.

Eric C. Lukens IT Security Policy and Risk Assessment Analyst University of Northern Iowa

snekul's picture

And restoring the old cert in SEPM fixed it.  The IIS cert replacement doesn't seem to matter to SEP/SEPM.  So now, the big question actually is, how do you replace the certificate in SEPM if it is going to expire?

Eric C. Lukens IT Security Policy and Risk Assessment Analyst University of Northern Iowa

AravindKM's picture

Whether you tried by reconfiguring the server after replacing the cert.? 

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind