F-Secure Policy Manager Proxy 14.30 (Linux) DEB admin.pub Issue

Ivanh
Ivanh W/ Alumni Posts: 7 Junior Protector

Hello,

I have Installed the F-Secure Policy Manager on one Linux Server. It's all good and runs normally. Now I'm trying to Install "F-Secure Policy Manager Proxy 14.30 (Linux) DEB" from https://www.f-secure.com/en/business/downloads/policy-manager-for-linux on Debian 9 Stretch, but I can't start the fspms Service as it's failing with bellow error about admin.pub which I've download from the Policy Manager Server

/opt/f-secure/fspms/bin/fspms-config

F-Secure Policy Manager Proxy configuration utility.
Copyright (c) 1997-2018 F-Secure Corporation. All Rights Reserved.

There is a README file in the /opt/f-secure/fspms/ directory.
The README contains links to the release notes and license terms for the product.

Please read the license terms referenced in the README file.
You must accept the terms to use F-Secure Policy Manager Proxy.

You will be asked a few questions regarding the product installation.
The default value will be shown in square brackets after the questions.
To accept the default value, just press Enter.

[ ok ] Stopping fspms (via systemctl): fspms.service.


Specify the details for communication with F-Secure Policy Manager. Enter the server’s IP address or its DNS name.

Server address [10.10.0.99]:

HTTPS port [443]:


You need to install the management public key to ensure secure communication with F-Secure Policy Manager.

Path to the management public key [/var/opt/f-secure/fspms/data/admin.pub]:


Configure the ports for the Policy Manager Proxy.

Host module HTTP port [99]:

Host module HTTPS port [443]:


Enter the details for your Policy Manager administrator account to authorize TLS certificate enrollment.

User name []: admin

Password:
Error: error creating bean with name 'com.fsecure.fspms.proxy.TrustAllUpstreamPmClient': Bean instantiation via constructor failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.fsecure.fspms.proxy.TrustAllUpstreamPmClient]: Constructor threw exception; nested exception is java.lang.RuntimeException: Error during loading admin.pub
[....] Starting fspms (via systemctl): fspms.serviceJob for fspms.service failed because the control process exited with error code.
See "systemctl status fspms.service" and "journalctl -xe" for details.
 failed!

Configuration is complete. You can manage the F-Secure Policy Manager Proxy
manually by typing '/etc/init.d/fspms {start|stop|restart|status}'.
Thank you for using F-Secure product.

Can you please advice?

Many Thanks

Comments

  • MonikaL
    MonikaL W/ Alumni Posts: 206 W/ Former Staff

    Hi Ivanh,

     

    It seems an internal error occurred on TLS certificate enrollment during the loading of "admin.pub" file. The file could be different or corrupted.
    Hence, it is recommended to download a new "admin.pub" file from the master Policy Manager using your browser by entering the following URL.

     

    https://<policy_manager_server_IP_or_host name>:<https_port number>

     

    Once it is done, run the Policy Manager installer again and enter the path to the retrieved "admin.pub" file together with the credentials for your administrator account on the master Policy Manager Server.

     

    Regards,
    Monika

  • Ivanh
    Ivanh W/ Alumni Posts: 7 Junior Protector

    Hello @MonikaL ,

    Thank you very much for getting back to me.

    I have already Downloaded the admin.pub few times from http://10.10.0.99:99/ which is my Policy Manager Server on which in the URL mentioned I see:

    If you see this message, F-Secure Policy Manager Server is installed and is working fine.
    
    F-Secure Policy Manager Server's host interface status can be checked here.
    
    F-Secure Policy Manager Server's management public key used by clients to verify validity of distributed policies can be downloaded from here.

    admin.pub content is:

    3082 01b6 3082 012a 0605 2b0e 0302 0c30
    8201 1f02 8181 00fd 7f53 811d 7512 2952
    df4a 9c2e ece4 e7f6 11b7 523c ef44 00c3
    1e3f 80b6 5126 6945 5d40 2251 fb59 3d8d
    58fa bfc5 f5ba 30f6 cb9b 556c d781 3b80
    1d34 6ff2 6660 b76b 9950 a5a4 9f9f e804
    7b10 22c2 4fbb a9d7 feb7 c61b f83b 57e7
    c6a8 a615 0f04 fb83 f6d3 c51e c302 3554
    135a 1691 32f6 75f3 ae2b 61d7 2aef f222
    0319 9dd1 4801 c702 1500 9760 508f 1523
    0bcc b292 b982 a2eb 840b f058 1cf5 0281
    8100 f7e1 a085 d69b 3dde cbbc ab5c 36b8
    57b9 7994 afbb fa3a ea82 f957 4c0b 3d07
    8267 5159 578e bad4 594f e671 0710 8180
    b449 1671 23e8 4c28 1613 b7cf 0932 8cc8
    a6e1 3c16 7a8b 547c 8d28 e0a3 ae1e 2bb3
    a675 916e a37f 0bfa 2135 62f1 fb62 7a01
    243b cca4 f1be a851 9089 a883 dfe1 5ae5
    9f06 928b 665e 807b 5525 6401 4c3b fecf
    492a 0381 8500 0281 8100 8d47 5059 e0f2
    fc43 58a5 7d53 733f 7bf5 281f 4deb 3169
    6372 801b cf42 189e 1d30 2728 e4af bd44
    b8b6 c08c e293 ccc9 2b8b 4ae4 06f0 b637
    6aa6 75ae d727 1c01 391a 9284 d612 3f69
    a521 c75d 9877 4c9f 6888 86db abbe 2bb2
    d3e7 84fc 3aa6 f69b 94c9 86df 439d 4324
    65aa 441a d172 ed57 bd3d fc7a 5550 bd6f
    5b09 a05a f8ff 9737 e9fe 

    I've copied this to the Policy Manager Proxy and saved it in admin.pub and specified the path to it but I'm still getting the same error.

    Any advice would be highly appreciated.

    Thanks

This discussion has been closed.