SSL problem in FSPMC 13.00
Hello,
What does this mean and is there a solution?
(The same credentials used to work for Active Directory Import Structure in previous versions, up to F-Secure Policy Manager Console 12.40)
Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
******************************
Comments
-
Hello Tamas,
As of version 13.00, Policy Manager uses LDAPS (secure LDAP) by default to connect to the Domain Controller (DC) for Active Directory. On Windows, Policy Manager uses the Windows trust store to handle authentication to the DC seamlessly. You must import CA to the Windows Trusted Root Certification Authorities if PM host is outside of the domain network.
On Linux, you must import the company certificate in Policy Manager Server's Java runtime trust store to authenticate the DC.
Alternatively, you can use plain LDAP to connect to the DC.
Alexander
7 -
Hi,
Is FSPMC 13.00 already released?
1 -
Hello,
I am using the 13.00 RC version, but I guess the RTM/Gold could be released as soon as this Friday, if the history of previous versions is any indication.
Best Regards: Tamas Feher, Hungary.
1 -
Thank you for this information!
0 -
Hello everybody,
PM and CS 13.00 were already released today, few hours ago.
Best regards,
Vad
2 -
yes but with wrong keycodes for CS13
0 -
Hello Rob-K,
CS13 requires new keycodes. Do you mean that provided keycode does not work for you?
0 -
Yes - when I access the license documents in the partner portal (for my self and my customers) the keycodes for version 13 do not work.
For the V13 Premium they start with ****-
for the V13 Standard they start with ****-
when pushing the installation via Policymanager 13 - both generate a keycode expired message
EDIT: Masked License code
0 -
Hello Rob-K,
The keycodes you mention are for 12.x clients. Please, try to clear the cache of your browser.
We had checked, that partner portal contains correct keys.
Best regards,
Vad
0 -
... they are on the PDF document! Not in Webpage
0 -
PDF should be fixed now. Please, check.
Best regards,
Vad
2 -
indeed - PDFs are fixed now
0 -
Thanks for your reply, i has same problem while the PM is already joint the domin and firewall is off on both servers (AD and PM)
please give direct instruction or direct me to the right document
0 -
Hello hussainbah,
Do you have the same error “Failed to verify SSL server certificate”?
Could you please check if CA certificate was imported to the Windows Trusted Root Certification Authorities?
If it is acceptable in your environment, you can still use LDAP without SSL.
Alexander0 -
That the most lousy piece of support i have ever seen for an enterprise product. No step by step instructions and the error message in the application isnt even detailed enough to give the installer a proper overview of the issue. and the documentation for it is non exisitant or basically the same as what you have stated. I would get my money back if i were one of the users with this issue. Getting support over the phone is another hassle.
1 -
Hi.... wich certificate? From der PM Server to the AD-Server or the otherway??
0 -
Hi Joe31,
If Windows host running Policy Manager Server is joined to the domain, you do not need to import anything, LDAP server certificate validation should work out of the box.
If PMS fails to verify LDAPS server certificate, you need to establish trust relationship manually by importing CA certificate (LDAP server certificate issuer) to the Windows Trusted Root Certification Authorities at PMS host.
For Linux it’s a bit more complex. Check the page in the Admin Guide for further details: https://help.f-secure.com/product.html#business/policy-manager/14.00/en/task_A2581FFE289649E6A64D0BE5182E86AF-14.00-en
Alexander
0 -
Hi There,
getting similar error Policy manager & Console on AD server any sujjestions?
DX
0 -
Hi DX,
What is your PM version? What did you try from suggestions above?
Alexander
0 -
The windows host is fully joined member of the AD Domain an it still does not accept the ssl certificat. Using LDAP instead of LDAPS works fine. I can no finde a certificate with the name "LADP server certificate issuer" on the PDC nor on the PMS
If have about 40 CA certificates on the PDC but not one that I could relate to the LDAP issuer.
0 -
Which Policy Manager version are you using?
0 -
The newest one, just installed it, and was hopeing the issue will resove itself...
Version 14 bulid 87145 64bit
0 -
PM 14.01 is coming in a week, it contains LDAPS improvements. Please post in this thread if your problem will be resolved.
Alexander
0
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support