Good afternoon
I came through the community to ask for help regarding an issue that I believe many have already faced, it would be after the deployment of the tool, installation of the beacon and configuration of the agents that are reporting to an end in http it is possible to change the end to an https and continue using the same config of the agents to which they are pointing to an http ??
or will it be necessary to redeploy the agents to a new end with https ??
‎Aug 22, 2022 03:09 PM
You can configure your beacon with https. You need to ensure port 443 & 80 both are allowed in firewall before making changes. don't delete http configuration from IIS at least for some duration.
Agent will start taking policy .
‎Aug 23, 2022 03:26 AM
Good afternoon, I believe it was not clear in the explanation, the scenario is the client already has the beacon server and the agents deployed on the network directed to HTTP, the same will be adding a digital certificate transforming this publication into HTTPs, is there any of the agents continuing to report without needing to reinstall them?
‎Aug 23, 2022 09:39 AM
Yes. Also for any new installation ensure certificate check false entry in registry. You need to append in your mgssetup.ini file.
desc2 = CheckServerCertificate
val2 = False
desc3 = CheckCertificateRevocation
val3 = False
‎Aug 24, 2022 12:04 AM
The agents won't need to be reinstalled. After the beacon configuration is changed to use HTTPS, the update to the protocol to use will propagate in due course to the agents through their policy updates.
Making a change like this does carry some risk that agents will become orphaned. Remember that each agent has a set of beacon details it will attempt to use for communications. If at any point you make a change that results in none of those beacon details working any longer, then the agent will become orphaned and stop communicating.
Here are some potential gotchas to watch out for:
‎Aug 29, 2022 12:47 AM