Knowledge Center

DXL status is shown as DOWN in the Advanced Threat Defense manager
Technical Articles ID:   KB89214
Last Modified:  12/13/2017


McAfee Advanced Threat Defense (ATD) 3.x
McAfee Data Exchange Layer (DXL)


You see that the DXL Status is reported as DOWN in the Advanced Threat Defense manager, under Manage, ATD Configuration, ePO Login/DXL, DXL Settings.

But, in the ePO Admin Console, the ATD node under System Tree lists the DXL Status as Connected.


McAfee recently changed the McAfee code signing certificate. McAfee Agent (MA) on ATD 3.x is not shipped with the recent updated certificates.

NOTE: MA on ATD 4.0 or higher is shipped with the recent updated certificate. The problem described in this article does not apply to ATD 4.x.


The McAfee Agent team has released the MsgBus Cert Updater 5.0.5 658 package for ePO, to address this issue, which includes these updated certificates.

To obtain this update, pull the package from the mcafeehttp repository to your ePO Master Repository.

When it is pulled to the Master Repository, these certificates are automatically pushed to all ATD devices from ePO, on a daily basis, at 12 a.m..

If you prefer to perform it manually, create a McAfee Agent Product Update task on ePO under Client Task Catalog. After the task is created, you can run this task against your ATD appliances. This action updates the MA CertStore on ATD and resolves the issue.

NOTE: You do not need to upgrade the ATD appliance's McAfee Agent. The MsgBus Cert Updater 5.0.5 658 is compatible with McAfee Agent 5.0.4 on ATD.

IMPORTANT: McAfee Agent on ATD needs to communicate with ePO and your repository. Ensure that you open the relevant ports on your firewall between ATD and ePO, and between ATD and your repositories. See the McAfee Agent section of KB66797 for the complete list of the related port numbers.

If your DXL status is DOWN even though you installed the MsgBus Cert Updater 5.0.5 658 package to the Master Repository, contact Technical Support and reference this article number.

To contact Technical Support, log on to the ServicePortal and go to the Create a Service Request page at https://support.mcafee.com/ServicePortal/faces/serviceRequests/createSR:
  • If you are a registered user, type your User Id and Password, and then click Log In.
  • If you are not a registered user, click Register and complete the required fields. Your password and logon instructions will be emailed to you.

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.