Upon further investigation, the affected Linux agent might be encountering a communication issue with the Trend Micro servers due to an SSL certificate issue (see the log snippet):
Logs
[Error/1] | Failed download: https://files.trendmicro.com/products/deepsecurity/en/linuxsensor/index/ksp-index-RedHat_EL6.x86_64.zip: SSL certificate problem: self signed certificate in certificate chain | plugin/dsp/ksp/service.lua:106:download | 2AD3:7F2A03DFF700:dsp.ksp.service
[Error/1] | Failed download: https://files.trendmicro.com/products/deepsecurity/en/linuxsensor/index/ksp-index-RedHat_EL6.x86_64.zip: SSL certificate problem: self signed certificate in certificate chain | plugin/dsp/ksp/service.lua:106:download | 2AD3:7F2A03DFF700:dsp.ksp.service
Steps
To perform initial isolation, follow these steps:
- Check the List of Trend Micro Vision One Linux Kernel Support.
- Confirm whether a MITM proxy or firewall is used. If yes, you may check the following KB articles on whitelisting URLs to allow communication between agents and Trend Micro Servers:
- Collect the stdout of the command below to verify if the communication is established.
- (Command without proxy): # curl -k -l -vvv https://files.trendmicro.com
- (Command with proxy): # curl -k -l -vvv --proxy [protocol://]host[:port] https://files.trendmicro.com
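
An added triage helper (not part of the original article or Trend Micro tooling): it summarises the `Failed download` entries from the log above and reads the certificate issuer out of the `curl -v` output, because `-k` skips verification and the issuer line is what shows whether something on the path is re-signing the connection. The function names, the sample `curl` output and the expected issuer string `Entrust` (taken from the root certificate this article installs) are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not Trend Micro code. Sample inputs below are constructed.

# Summarise agent "Failed download" entries on stdin as count<TAB>host<TAB>reason.
failed_downloads() {
  awk -F' [|] ' '$2 ~ /^Failed download: / {
    msg = substr($2, length("Failed download: ") + 1)
    cut = index(msg, ": ")                   # the URL ends at the first ": "
    if (cut == 0) next
    split(substr(msg, 1, cut - 1), p, "/")   # p[3] is the host in scheme://host/path
    seen[p[3] "\t" substr(msg, cut + 2)]++
  }
  END { for (k in seen) printf "%d\t%s\n", seen[k], k }' | sort
}

# Print the issuer of the server certificate from `curl -v` output on stdin.
cert_issuer() {
  sed -n '/^\*[[:space:]]*issuer:/{s/^\*[[:space:]]*issuer:[[:space:]]*//p;q;}'
}

# Exit 0 if the issuer lacks the expected CA name ($1), 1 if it matches,
# 2 if no issuer line was seen (the TLS handshake never completed).
unexpected_issuer() {
  issuer="$(cert_issuer)"
  [ -n "$issuer" ] || return 2
  case "$issuer" in *"$1"*) return 1 ;; *) return 0 ;; esac
}

# Log entry copied from the article; the last SAMPLE_LOG line is constructed.
ENTRY='[Error/1] | Failed download: https://files.trendmicro.com/products/deepsecurity/en/linuxsensor/index/ksp-index-RedHat_EL6.x86_64.zip: SSL certificate problem: self signed certificate in certificate chain | plugin/dsp/ksp/service.lua:106:download | 2AD3:7F2A03DFF700:dsp.ksp.service'
SAMPLE_LOG="$ENTRY
$ENTRY
[Info/5] | constructed non-error entry | constructed.lua:1:noop | 0000:000000000000:constructed"
# Constructed curl -v excerpt showing a certificate re-signed by an internal CA.
SAMPLE_CURL='* Server certificate:
*  subject: CN=files.trendmicro.com
*  issuer: CN=Corp Inspection CA (constructed)
< HTTP/1.1 200 OK'

# Live use: pass the agent log path (supplied by the operator) as the first argument.
if [ -n "${1:-}" ] && [ -r "$1" ]; then
  failed_downloads < "$1"
  # -k only lets the handshake finish so the issuer can be read; it proves nothing
  # about trust. "Entrust" is an assumption taken from the root certificate step.
  if curl -k -sS -v -o /dev/null https://files.trendmicro.com 2>&1 | unexpected_issuer "Entrust"; then
    echo "Issuer is not the expected CA: look for a TLS-inspecting proxy on the path"
  fi
fi
```

Run without arguments the script only defines the functions; to reproduce the agent's actual failure, repeat the `curl` command without `-k` so that the system trust store is consulted.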
If the issue persists, apply the root certificates to the affected agent:
- Download the root certificate from https://web.entrust.com/root-certificates/entrust_g2_ca.cer
- Move entrust_g2_ca.cer to the /etc/pki/ca-trust/source/anchors folder.
- Use the command below to reload:
- $ update-ca-trust
- Log on to the Trend Micro Vision One web console, go to Endpoint Inventory, and try again.