"Vulnerability Protection Service: Unknown Error" is displayed on the console of Apex Central

Product / Version includes:

Apex Central2019 , Apex One2019

Last updated: 2024/05/24

Solution ID: KA-0011136

Category: Troubleshoot

Summary

Some issue are experienced with the Vulnerability Protection Service, and the following can be observed:

On the Apex Central Console:
- Policy shows "with issues" because Vulnerability Protection displays the "Unactivated License" error
- Unable to deploy the license of Vulnerability Protection
On the Apex One agent console:
- The Apex One Vulnerability Protection is disabled on the agent machine

Scenario 1:

The following can be seen in the ivp_server0 log gile located at …\Trend Micro\Apex One\iServiceSrv\iVP folder

Aug 09, 2019 1:39:36 PM com.trendmicro.ivp.core.Core main
SEVERE: Failed to start iVP server.
com.microsoft.sqlserver.jdbc.SQLServerException: The server [apex one servername] is not configured to listen with TCP/IP.
        at com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDriverError(SQLServerException.java:228)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.getInstancePort(SQLServerConnection.java:5923)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.primaryPermissionCheck(SQLServerConnection.java:2347)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:2083)

Based on the log file, the communication via TCP/IP is disabled. This prevents Vulnerability Protection from starting because it cannot connect to the SQL Server.

Scenario 2:

The root cause of this issue could be that the Apex One server is using a certificate with private key un-exportable, which conflicts with Vulnerability Protection server constraints.

Based on the Vulnerability Protection Service debug log (e.g. ivp_server0.log located at C:\Program Files (x86)Trend Micro\Apex One\iServiceSrv\iVP\), the following error log generated out which indicates the Vulnerability Protection server fails to validate the Apex One server website certificate.

SEVERE: Failed to start iVP server.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Scenario 3:

After migrating the database from SQL Express to SQL Standalone, you can no longer deploy the Vulnerability Protection (VP) license.

Deployment of the VP license from the License Management console of Apex Central shows the status "Unsuccessful" with the following error message:

"License deployment was unsuccessful.
Vulnerability Protection Service: Unknown Error”

When trying to manually start the VP Service, the status shows "Running" then suddenly goes back "Stopped".

Based on ivp_server0.log (C:\Program Files (x86)\Trend Micro\Apex One\iServiceSrv\iVP\):

SEVERE: Failed to start iVP server.
java.lang.Exception: Database(LOCALHOST-ApexOne) doesn't exist.
  at com.trendmicro.ivp.core.Core.initDatabase(Core.java:502)
  at com.trendmicro.ivp.core.Core.start(Core.java:99)
  at com.trendmicro.ivp.core.Core.main(Core.java:84)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:498)
  at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:65)
  at com.exe4j.runtime.WinLauncher$2.run(WinLauncher.java:96)

To fix the issue, perform the steps below:

For Scenario 1:

On the Apex One Server, navigate to the SQL server.
Enable TCP/IP. Do the following:
1. Open SQL Server Configuration Manager > [designated SQL Server Network Configuration for apex one] > Client Protocols > TCP/IP.
2. Double-click TCP/IP. This will open the TCP/IP Properties window.
3. Click on the dropdown for "Enabled", and choose Yes.
4. Click OK.
Restart the following services:
- SQL Browser Service
- SQL Service for Apex One
- Apex One Master Service
- Trend Micro Apex Central Service

To confirm that the issue is resolved, do the following:

Login to the Apex Central console, and navigate to Administration > License Management > Managed Products.
Vulnerability protection will now be shown as successfully deployed.

The Activated Products column will display a number to indicate the successful license deployment for the designated product.
Redeploying the policy from Apex Central will no longer encounter any problems.
Vulnerability Protection service is enabled on the agent machine.

For Scenario 2:

There are two conditions in resolving this issue:

If the Apex One server website uses a 3rd party certificate (e,g, a certificate signed by corporate Certificate Authority), follow the article on Configuring Apex One to use a certificate signed by corporate Certificate Authority . In re-importing the certificate, make sure to select the option "Mark this key as exportable..."

If the Apex One server uses self-signed certificate, please follow these steps:

Renew the Apex One server web site certificate.

On the OfficeScan / Apex One server, open a Command prompt and go to this location:
\Program Files (x86)\Trend Micro\OfficeScan\PCCSRV directory
\Program Files (x86)\Trend Micro\Apex One\PCCSRV directory
Run the following command to add a new certificate to the IIS certificate store:
svrsvcsetup –GenIISCert
Confirm that the certificate is renewed.
Open the IIS Manager console (inetmgr.exe).
In the IIS Manager, expand the Sites folder and highlight the OfficeScan virtual site.
In the Actions pane, click Bindings... to open the Site Bindings window.
In the Site Bindings window, select type="https" and click Edit.... The Edit Site Binding window will appear.
From the SSL Certificate section, click Select... and verify that the certificate expiration date has been extended, or select the certificate with the latest expiration date.
Click OK to close the window.

Remove the old web site certificate.

Open the Certificates MMC Snap-In,
Navigate to Certificates (Local Computer) > 'Personal' Store
Find the expired certificate. Right-click on the certificate then select Delete.

For Scenario 3:

On the Apex One server, verify that the account set in the config.properties of VP server is accurate and update it if necessary. To do this:

On the Apex One server, navigate to C:\Program Files (x86)\Trend Micro\Apex One\iServiceSrv\iVP.
Back up the current config.properties and drag the original file into Notepad to view the details.
Ensure that configured inputs are the details you use to successfully log in to Microsoft SQL Server Management Studio.

For this issue, we will update the database.server value from database.server=LOCALHOST\\OFFICESCAN to database.server=LOCALHOST.
We will also update the encrypted password (database.password) with plain text then restart VP Service. After that, it will automatically encrypt the password again.
Restart the Apex One Master Service (ofcService.exe) and VP Service (iVPServer.exe).
The VP Service should now run properly without the DB error showing in ivp_server0.log and VP license should now be deployed.

In case iVPServer.exe is still not running or if the VP license is not deployed, verify in ivp_server0.log for other possible issues.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

"Vulnerability Protection Service: Unknown Error" is displayed on the console of Apex Central

"Vulnerability Protection Service: Unknown Error" is displayed on the console of Apex Central

Product / Version includes:

Summary