Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

“Error: Unable to load agent private key. Error: 0906A068…” appears when activating the Deep Security Agent (DSA)

    • Updated:
    • 11 Sep 2015
    • Product/Version:
    • Deep Security 8.0
    • Deep Security 9.0
    • Deep Security 9.5
    • Deep Security 9.6
    • Deep Security as a Service 2.0
    • Platform:
    • CentOS 6 32-bit
    • CentOS 6 64-bit
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - Red Hat RHEL 6 64-bit
    • Linux - SuSE 10 64-bit
    • Linux - SuSE 11
    • Linux - SuSE 11 64-bit
    • Ubuntu 10.04 64-bit
    • Ubuntu 12.04 64-bit
    • Windows 2003 Enterprise
    • Windows 2003 Enterprise 64-bit
    • Windows 2003 Server R2
    • Windows 2008 Server R2
    • Windows 2008 Server R2 with Hyper-V(TM)
    • Windows 7 32-bit
    • Windows 7 64-bit
    • Windows 8 32-bit
    • Windows 8 64-bit
    • Windows Vista 32-bit
    • Windows Vista 64-bit
    • Windows XP Professional
    • Windows XP Professional 64-bit
Summary
During the activation of DSA in Deep Security Manager (DSM), you receive the following error message:
Error: Unable to load agent private key.
Error: 0906A068: PEM routines: PEM_do_header: bad password read []
Unable to connect to the agent on the local machine.

Unable to connect to the agent on the local machine.  
You also see the following symptoms:
  • Trend Micro Deep Security Agent service will not start by either using the services MMC or by issuing the “dsa_config/e” command.
  • The Notifier shows an “Unknown/Unreachable” agent status.
Details
Public
This error is caused by a multiple reboot during the activation process of DSA. This interrupted the download of relevant files such as *.db files, config.bin (compiled DSA confirmation) and certificate files from the DSM server.
Reinstalling the DSA will fix the issue, but it is not applicable if you have an automated VM provisioning process.
To resolve the issue:
  1. Delete the following files from C:\Program Files\Trend Micro\Deep Security Agent\:
    • *.db
    • *.ini except patch.ini
    • *.crt
  2. Start the Trend Micro Deep Security Agent service by running this command:
    net start ds_agent
  3. Run the following command to restart the activation:
    dsa_control /a dsm://4120/
    Note: If you are using automated VM provisioning, put the command above at the end of the script to make sure that the reboot is completed and the DSA activation will not be interrupted.
Premium
Internal
Rating:
Category:
Configure; Deploy; Register
Solution Id:
1061246
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.