Showing results for 
Show  only  | Search instead for 
Did you mean: 


Our Agent is unable to download policy.

When we investigate within our Installation.log:



We see the following reported:


[Timestamp] {process ID} Download failure: The revocation function was unable to check revocation because the revocation server was offline.

[Timestamp] {process ID} Download FAILED for “https://Beacon/ManageSoftDL/Policies/Merged/Domain/Machine/policy.npl"


  1. Copy the aforementioned .npl download URL from our installation.log
  2. Within your web browser of choice on the target device navigate to that URL
  3. To the left of our Beacon URL, select the lock iconurl.png
  4. On this drop-down, select 'Certificate'certificate.png

On this resulting certificate dialog, choose the 'details' tab

  1. On our 'Details' list, locate the CRL Distribution Points list - this outlines the Revocation Servers our error mentions, which distribute our Certificate Revocation List to our agent device
  2. Copy the URL for these distribution points, and test navigating to these within your web browser
    The Certificate Revocation Server addresses are specified within the 'URL=' values above.


If the CRL Distribution Points are inaccessible from our agent device, this would explain our 'Revocation Server offline' Error - raise this with your network team to rectify, ensuring this URL is part of an allow-list or unblocked by a firewall.


If this is not possible to rectify, configure your Inventory Agent to ignore Certificate Revocation utilising the [Registry]\ManageSoft\Common\

CheckCertificateRevocation = False


CheckServerCertificate = False

Settings within the Windows Registry or config.ini file for our Inventory Agent - depending on whether you're utilising a Windows or UNIX-based agent respectively.

Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Jul 13, 2020 10:04 AM
Updated by: