Summary
The policy deployment from Apex Central to the Apex One features (e.g. Application Control, Vulnerability Protection, Endpoint Sensor, etc.) gets stuck in "Pending: Managed server deploying" status.
Root Cause Analysis
Errors can be seen in the the following logs:
- "failed to get private key" error in Apex One ofcdebug.log located at..\Trend Micro\Apex One\PCCSRV\Log\:
2020 05/05 11:50:12 [144c : 2438] (00) (D) [][ofcservice.exe] getPFXFromCertificateStore - find one certificat matches the subject name=[OfcOSFWebApp] - [libosfsvcclientutility.cpp(289)] 2020 05/05 11:50:12 [144c : 2438] (00) (E) [][ofcservice.exe] extractKeyPairFromPFX - failed to get private key, pkey is null - [libosfsvcclientutility.cpp(442)] - "No client certificate, Authenticate failed" and "http response code=401" errors in Apex One ofcdebug.log located at..\Trend Micro\Apex One\PCCSRV\Log\:
2020 05/05 11:50:12 [68f4 : 0089] (00) (E) [-iAC-][w3wp.exe][SendAsync] [Mutual Authenticate] No client certificate, Authenticate failed, url:([Apex One FQDN]/officescan_iac/osf/ONQUERY) - [SecMsgHandler.cs(26)] 2020 05/05 11:50:12 [144c : 2438] (00) (E) [][ofcservice.exe] BoostHTTPClient::receive - http response code=401 - [libosfsvcclienthttpclient.cpp(101)]
Below are factors that can cause the policy deployment status to get stuck at "Pending: Managed server deploying" status:
- The "failed to get private key" error in Apex One ofcdebug.log happens because OSF certificate private key cannot be exported in the environment. This can occur when the OSF certificates were replaced with 3rd-party certificates, but the "Mark this key as exportable" option was not enabled when the 3rd-party certificates were imported.
- The "No client certificate, Authenticate failed" and "http response code=401" errors in Apex One ofcdebug.log can happen because of a misconfiguration in the SSL Settings for the OSFWebapp Site. The mutual authentication requires SSL, but if the SSL setting is misconfigured for the OSFWebapp site, it will return the HTTP 401 error.
Details
