Malware Protection Not Up to Date and Unable to check the latest update

Dear Admin,
I have encountered two update failure scenarios with our WithSecure Agent:
- Picture 1: The update check failed on a local PC at home using a direct ISP connection, even though the status indicates "connected."
- Picture 2: There is no connection to the security cloud. This means the WithSecure Agent is not receiving updates from the cloud for our local PCs in the company.
Upon checking the detailed logs, I found multiple errors related to server connection issues, including some SSL-related errors.
Please assist in checking and resolving this issue as soon as possible to prevent potential security threats and ensure protection for all our clients.
Answers
-
Hi,
Thank you for reaching out the WithSecure Community,
From version 22.1 onwards, the connectivity requirements have changed for the Elements Agent and Elements Connector. This release included a new check which contacts Certificate Revocation List (CRL) servers, related to the validity check of TLS certificates used.
We suggest to:
- Try manually install the "DigiCert Global Root CA" and "ISRG Root X1" certificates.
Connectivity requirements changed:
We do require connection to CRL URLs now. Verify that connections to the following CRL URLs work:
ocsp.rootca1.amazontrust.com
crl.sca1b.amazontrust.com
ocsp.rootg2.amazontrust.com
ocsp.sca1b.amazontrust.com
crl3.digicert.com
crl4.digicert.com
ocsp.digicert.com - If you see that the client status is not updating in the portal, or profile changes are not applied to the client, open HTTP connections to the CRL URLs.
To know more about CRL and OCSP refer to the links below:
- https://www.thesslstore.com/blog/crl-explained-what-is-a-certificate-revocation-list/
If the above suggested workaround didn't hep, the error code 12175 and 12002 may indicate that the device lacks the necessary root certificates. We believe this may be the underlying cause of the problem.
Ensure the device has root CAs from this site (listed under the 'Root CAs' section):
Note: To ensure proper functionality, install the CAs in the 'Trusted Root Certification Authorities' store rather than the 'Intermediate Certification Authorities' store.
Upon completion of the CA installation, restart the server and monitor the situation.
If the issue still remains unresolved, you can download and run the Connectivity Tool to check whether or not the host is able to connect to the WithSecure backend systems
https://download.withsecure.com/connectivitytool/ConnectionChecker.exe
If you happen to see the result that shows WithSecure domain blocking, you can whitelist *withsecure.com and *fsapi.com from your proxy/firewall. You can find more information here
Network addresses for WithSecure Elements (cloud-managed products) - WithSecure Community
0 - Try manually install the "DigiCert Global Root CA" and "ISRG Root X1" certificates.
Categories
- All Categories
- 4.8K WithSecure Community
- 3.6K Products
- 3 Get Support