Off-premise agents not showing in off-premises view

Off-premise agents not showing in off-premises view of Apex One 2019 console

- Updated:
- 17 May 2021
- Product/Version:
- Apex One All.All
- Platform:
- N/A N/A

Summary

Off-premise agents connected to the Edge Relay Server are not visible on the off-premise view filter of the Apex One 2019 console.

Upon checking the IIS logs on Edge, you will see the following:

===============START====================
  2019-05-21 15:27:50 10.10.2.186 GET /officescan/cgi/isapiClient.dll RequestID=208&functiontype=0&uid=65f83259-1e19-44fa-9ab8-58d14e59d554 443 - 103.75.227.140 - - 403 16 2148204809 140 
  2019-05-21 15:27:47 10.10.2.186 GET /officescan/cgi/isapiClient.dll RequestID=208&functiontype=0&uid=65f83259-1e19-44fa-9ab8-58d14e59d554 443 - 103.75.227.140 - - 403 16 2148204809 140
  ================END=====================

HTTP error 403.16 indicates a client certificate trust issue.

Details

Root Cause

The certificates are non-self-signed and not in the proper certificate location. Running the command in the solution below will identify the non-self signed certificates and move them over to the correct certificate location.

Solution

To resolve the issue, run the following commands on the Edge Relay Server:

Use the following PowerShell command to identify non-self-signed certificates:
Get-Childitem cert:\LocalMachine\root -Recurse |
Where-Object {$_.Issuer -ne $_.Subject}
Move these non-self-signed certificates into the Intermediate Certification Authorities (i.e. CA) store using the following commands:
Get-Childitem cert:\LocalMachine\root -Recurse |
Where-Object {$_.Issuer -ne $_.Subject} |
Move-Item -Destination Cert:\LocalMachine\CA