Error - "NET::ERR_CERT_REVOKED" (unable to connect to Enterprise Security Manager)
Last Modified: 2022-12-09 10:19:23 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Error - "NET::ERR_CERT_REVOKED" (unable to connect to Enterprise Security Manager)
Technical Articles ID:
KB90998
Last Modified: 2022-12-09 10:19:23 Etc/GMT Environment
SIEM Enterprise Security Manager (ESM) 11.x
Summary
Errors can occur when trying to connect to ESM. Occasionally, an error stating that the SSL certificate has been revoked can occur. Although an invalid SSL certificate error is an expected error, a revoked SSL certificate error is considered abnormal. Google Chrome and other browsers might not allow a user to bypass or ignore a revoked SSL certificate error. The inability to ignore the revoked certificate results in an unsuccessful ESM logon. This article explains why this issue occurs and how to correct it.
Problem
The following certificate error occurs when a user tries to connect to the ESM:
Cause
The cause of this error is the use of a self-signed SSL certificate. During the SSL certificate generation, the user's certificate is signed using Solution
NOTE: Run the following commands only if you're an experienced Linux user. Otherwise, contact Technical Support for further assistance.
NOTES:
McAfee-ETM-5600 /etc/httpd/ssl # ls -al total 20 drwxr-xr-x 2 root root 4096 Sep 14 2017 ./ drwxr-xr-x 6 root root 4096 Sep 14 2017 ../ -rw------- 1 root root 1375 Mar 29 2018 ca.crt -rw------- 1 root root 1375 Mar 29 2018 server.crt -rw------- 1 root root 1704 Mar 29 2018 server.key McAfee-ETM-5600 /etc/httpd/ssl # rm ca.crt server.crt server.key McAfee-ETM-5600 /etc/httpd/ssl # ls -al total 8 drwxr-xr-x 2 root root 4096 Oct 19 16:26 ./ drwxr-xr-x 6 root root 4096 Sep 14 2017 ../ McAfee-ETM-5600 /etc/httpd/ssl # service httpd restart Stopping httpd: [ WARN ] Starting httpd: Generating NitroSecurity ESM SSL certificate... [ OK ] [Fri Oct 19 16:26:54.667050 2018] [so:warn] [pid 20393] AH01574: module setenvif_module is already loaded, skipping [ OK ] McAfee-ETM-5600 /etc/httpd/ssl # ls -al total 20 drwxr-xr-x 2 root root 4096 Oct 19 16:26 ./ drwxr-xr-x 6 root root 4096 Sep 14 2017 ../ -rw------- 1 root root 1375 Oct 19 16:26 ca.crt -rw------- 1 root root 1375 Oct 19 16:26 server.crt -rw------- 1 root root 1704 Oct 19 16:26 server.key Affected ProductsLanguages:This article is available in the following languages: |
|