Loading...

Knowledge Center


Certificate error showing the browser is attempting to use the wrong certificate when logging on to ePolicy Orchestrator
Technical Articles ID:   KB86528
Last Modified:  7/13/2018
Rated:


Environment

McAfee ePolicy Orchestrator (ePO) 5.x

Problem

When attempting to open the ePO console and log on, an unexpected certificate error is shown at the top of the browser. If you click this error and then select View Certificate, you may see that the wrong certificate is displayed (for example, an old certificate that is no longer used). This might occur after updating the Server Certificate used for browser authentication for ePO.  

Cause

A custom modification was made to the server.xml to update the keystorefile name for the orion.server.https connector.

By default, ePO uses a self-signed certificate for browser authentication. This certificate is stored in the folder .\\Server\Keystore and is named server.keystore.

The server.xml points to this file within the orion.server.https definition using the following tags:

keystoreFile="keystore/server.keystore"
keystorePass="snowcap"


If you modified this information to point to a different file name, the server will look for this file in the \Server\Keystore folder on startup and when browser connections are attempted. This could cause the browser to load the wrong certificate or this could prevent a browser from connecting if the file does not exist in the Keystore directory.

Solution

Either the default self-signed certificate or a custom certificate will be imported and named server.keystore. To fix this issue:
  1. Create a backup of the file .../McAfee/ePolicy Orchestrator/server/conf/server.xml.
  2. Edit server.xml and change the keystoreFile= and keystorePass= lines back to the default:
     
    keystoreFile="keystore/server.keystore"
    keystorePass="snowcap"
  3.  
  4. Save the file.
  5. Restart ePO services:
    1. Click Start, Run, type services.msc, and click OK.
    2. Right-click the following services and select Restart:

      McAfee ePolicy Orchestrator x.x.x Application Server
      McAfee ePolicy Orchestrator x.x.x Server
      McAfee ePolicy Orchestrator x.x.x Event Parser

Rate this document

Affected Products


ePolicy Orchestrator 5.3

Languages:

This article is available in the following languages:

English United States
Japanese

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.