A new Flexera Community experience is coming on November 18th, click here for more information.
This knowledge base article provides an instruction on how to edit a Child Beacon registry key entry -- CertificateFile and why it may need to be done.
When a child beacon (not a top level beacon) is configured in an FNMS Cloud hierarchy or if the registry value exists in an OnPremises beacon, the beacon fails to download policy as it is unable to verify the Cloud certificate configured against the connection from the parent beacon or FNMS (OnPremises) server. You may see the beacon test connection is successful but the Beacon control file (policy) is missing error being displayed on the beacon UI. The BeaconEngine log may also indicate the following error:
[Rules.PolicyClient |policy] [ERROR] Failed to verify policy signature.
This is required because the default configuration of a beacon is based on the assumption that it will connect to the FNMS Cloud infrastructure directly. As such, it expects data to be securely signed by Flexera as it comes across the Internet. However this assumption does not hold for child beacons which communicate to another beacon within the client environment rather than FNMS Cloud or on FNMS OnPremises implementations; deleting the registry entry fixes resolves this scenario
The following registry entry needs to be deleted (renamed to other):
HKLM\SOFTWARE\Wow6432Node\ManageSoft Corp\ManageSoft\Compliance\CurrentVersion\CertificateFile
on May 26, 2018 01:00 PM - edited on Jul 01, 2021 09:32 AM by Jellou