Off-premise agents connected to the Edge Relay Server are not visible on the off-premise view filter of the Apex One 2019 console.
Upon checking the IIS logs on Edge, you will see the following:
===============START====================
2019-05-21 15:27:50 10.10.2.186 GET /officescan/cgi/isapiClient.dll RequestID=208&functiontype=0&uid=65f83259-1e19-44fa-9ab8-58d14e59d554 443 - 103.75.227.140 - - 403 16 2148204809 140
2019-05-21 15:27:47 10.10.2.186 GET /officescan/cgi/isapiClient.dll RequestID=208&functiontype=0&uid=65f83259-1e19-44fa-9ab8-58d14e59d554 443 - 103.75.227.140 - - 403 16 2148204809 140
================END=====================
HTTP error 403.16 indicates a client certificate trust issue.
Root Cause
The certificates are non-self-signed and not in the proper certificate location. Running the command in the solution below will identify the non-self signed certificates and move them over to the correct certificate location.
Solution
To resolve the issue:
- Use the following PowerShell command to identify non-self-signed certificates:
Get-Childitem cert:\LocalMachine\root -Recurse |
Where-Object {$_.Issuer -ne $_.Subject} - Move these non-self-signed certificates into the Intermediate Certification Authorities (i.e. CA) store using the following commands:
Get-Childitem cert:\LocalMachine\root -Recurse |
Where-Object {$_.Issuer -ne $_.Subject} |
Move-Item -Destination Cert:\LocalMachine\CA