cancel
Showing results for 
Search instead for 
Did you mean: 
elindemann
Active participant

Re: FlexNet Agent cert error and timeout error

A quick Google search on the error message indicates an issue with the certificates installed on your client computer(s).

A valid trusted root certification authority (CA) certificate has not been found in the Trusted Root Certification Authorities store. Check the following sites please:


https://knowledge.digicert.com/solution/SO13755.html
https://social.msdn.microsoft.com/Forums/ie/en-US/5ed119ef-1704-4be4-8a4f-ef11de7c8f34/a-certificate...

0 Kudos
Highlighted
adrian_ritz1
Intrepid explorer

Re: FlexNet Agent cert error and timeout error

Hi,

You can use the following option CheckServerCertificate =false

According to documentation:

When transferring data to or from an inventory beacon using the HTTPS protocol, a web server certificate is applied to
the data being transferred. All component agents can (and by default do) validate the public certificates received from
the inventory beacon against their local copy (on Windows, in the certificate store; and on UNIX in the PEM file).
If you wish, you can use the CheckServerCertificate preference to prevent agents from performing the certificate
check. (Without this check, the certificate is ignored, and the HTTPS protocol provides only encryption as security on the
transfer, without validating that the agent is contacting the correct inventory beacon server.)
You can set this as a common registry entry, so that the same behavior occurs across all agents; and you can override the
common behavior by setting an overriding registry entry for any individual agent if required. By default, this preference
is set so that all agents check the inventory beacon server certificate against the root CA certificate.

Also other question, when you installed the agent on unix/linux did you put before installation the certificate on server?

Also according to documentation:

If the target computer device is to use the HTTPS protocol to communicate with an inventory beacon, and you
require certificate checking to validate that the device is talking to the correct inventory beacon (for details, see
Agent third-party deployment: Enabling the HTTPS Protocol on UNIX Agents):
a. Prepare a summary HTTPS CA certificate for the target device(s) (see notes in Agent third-party
deployment: HTTPS CA Certificate File Format (UNIX))
b. Configure your deployment/installation tool to deliver the certificate file as /var/tmp/
mgsft_rollout_cert on the target device.
This file must be in place on the device before you run the installer for FlexNet inventory agent. During
installation, the /var/tmp/mgsft_rollout_cert file is copied to /var/opt/managesoft/etc/
ssl/cert.pem.
Tip: If you do not complete this as part of the deployment and installation process, after installation
you can simply copy the completed certificate to /var/opt/managesoft/etc/ssl/cert.pem on
a device where FlexNet inventory agent is locally installed.

If you did the previous step correctly then probably there is a issue with your certificate, may be you can recreate it.

0 Kudos