To fix this issue, follow the steps in Configuring Apex One to use a certificate signed by corporate Certificate Authority . These set of instructions will deploy the certificate.
If the issue persists after the actions above, please collect the new CDT from both the Apex One server and the endpoint when doing a manual update at the agent side.
Apex One2019
When deploying new policies, the following error can be seen:
"Pending: Managed Server Deploying"
Upon checking, the Apex One Vulnerability Protection agent fails to communicate with the server because of the certificate.
In ofcdebug.log:
2020 02/06 16:02:07 [2608 : 2740] (00) (D) [][iVPAgent.exe]winHttpStatusCallback - @@@ WINHTTP_CALLBACK_STATUS_SENDING_REQUEST - [olh_winhttpclient.cpp(50)] 2020 02/06 16:02:07 [2608 : 2740] (00) (D) [][iVPAgent.exe]VerifyServerCert - >> - [olh_winhttpclient.cpp(772)] 2020 02/06 16:02:07 [2608 : 2740] (00) (E) [][iVPAgent.exe]VerifyServerCert - Failed to verify the SSL certificate - [olh_winhttpclient.cpp(820)] 2020 02/06 16:02:07 [2608 : 2740] (00) (D) [][iVPAgent.exe]VerifyServerCert - << 0 - [olh_winhttpclient.cpp(827)] 2020 02/06 16:02:07 [2608 : 2740] (00) (E) [][iVPAgent.exe]winHttpStatusCallback - Close connection due to certificate verification failure - [olh_winhttpclient.cpp(78)] 2020 02/06 16:02:07 [2608 : 2740] (00) (D) [][iVPAgent.exe]SendInHTTPSWithWinHttp - Failed at sending a request, verb: [POST] err : [12017] - [olh_winhttpclient.cpp(456)]
From the product files list, the certificate file OfcIPCer.dat may not be getting updated.
To fix this issue, follow the steps in Configuring Apex One to use a certificate signed by corporate Certificate Authority . These set of instructions will deploy the certificate.
If the issue persists after the actions above, please collect the new CDT from both the Apex One server and the endpoint when doing a manual update at the agent side.
