A new Flexera Community experience is coming on November 25th. Click here for more information.
Hello,
Anyone please help on How to add CheckCertificateRevocation & CheckServerCertificate setting in ZeroTouch Inventory.
We are facing issue where server is not able to upload file to beacon server although all ports are open as well as Beacon url is also getting successfully tested in web browser. And no traffic is blocking from firewall.
and while I have ran the ndtrack command manually with CheckCertificateRevocation & CheckServerCertificate false setting it's uploading the data.
So I need to help to push CheckCertificateRevocation & CheckServerCertificate setting from beacon when ZeroTouch inventory rule getting triggered from beacon.
âSep 12, 2024 08:36 PM
When using remote execution capabilities built in to Flexera One ITAM/FNMS, you are not able to control what command line options are used to gather inventory. So you can't use non-default values for settings like CheckCertificateRevocation & CheckServerCertificate.
If you need to run the inventory gathering process with non-default settings then you will need to find another way to initiate the process instead of using the built-in remote execution capabilities.
âSep 18, 2024 10:34 PM
You're not describing on which OS platform(s) you're running into this issue, but please be aware that "File upload using HTTPS protocol is not directly supported for UNIX-like platforms in the Zero-footprint case." as per Zero-Footprint: System Requirements :
Thanks,
âSep 16, 2024 03:32 AM
@JohnSorensenDK We are facing this issue for for windows servers
âSep 17, 2024 11:11 PM - edited âSep 17, 2024 11:12 PM
When using remote execution capabilities built in to Flexera One ITAM/FNMS, you are not able to control what command line options are used to gather inventory. So you can't use non-default values for settings like CheckCertificateRevocation & CheckServerCertificate.
If you need to run the inventory gathering process with non-default settings then you will need to find another way to initiate the process instead of using the built-in remote execution capabilities.
âSep 18, 2024 10:34 PM
@ChrisG Please suggest any other way if we can do achieve this? It's very hard to go and setup schedule task with certificate setting command on each server.
Also please confirm in case ZeroTouch inventory where does ndtrack check the certificates?
any specific like or it will only check the beacon certificate?
Thanks
âSep 20, 2024 03:47 AM - edited âSep 20, 2024 03:50 AM
There are no capabilities built in to Flexera One ITAM/FNMS to remotely execute the ndtrack.exe inventory gathering process in a way that does not check certificates. If you want to do that you will need to use some other technology to remotely connect to devices and execute an appropriate command line.
ndtrack.exe on Windows uses built-in Windows system APIs to check that certificates are trusted based on information stored in the Windows certificate store. There is no material difference between how ndtrack.exe does this and how your browser would check the certificate is trusted.
âSep 22, 2024 08:23 PM