- Flexera Community
- FlexNet Manager
- FlexNet Manager Forum
- Windows workgroup servers getting certificate error when communicating with the beacon.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Windows workgroup servers getting certificate error when communicating with the beacon.
The client requires some Windows workgroup servers to be inventoried. The agent has been installed. Communications with the beacon to download policy result in S107M858 error messages.
The following network error occurred while retrieving the application: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
These systems cannot be added to a domain to handle certificates.
Other than not checking for certificates what options exist to enable system communication with the beacon in this environment?
This thread has been automatically locked due to inactivity.
To continue the discussion, please start a new thread.
Generally, when using HTTPS on a Beacon running on a newer Windows OS, you will have to switch support for TLS 1.1/.2 on for Windows Server 2008 R2 Servers to allow downloading the policy from the Beacon or for uploading of Inventory data to the Beacon. This is independent if this is a 'Workgroup' server or member of a Windows Domain.
See the following discussion for additional information on Windows Server 2008 and other old versions of Windows, please.
I think you've touched on the primary options available here:
- Configure FlexNet agents so that they can run without trusting the certificate that is used to encrypt HTTPS traffic. This is done by setting the CheckServerCertificate agent preference to False.
- Configure the computers that FlexNet agents are installed on so that they trust the certificate that is installed on the beacon.
Some other technical possibilities (although they may be impractical) are:
- Change the certificate on the beacon to one that will be trusted by all computers in the agent runs on.
- Use plain unencrypted HTTP rather than HTTPS for agent->beacon communications.