Environment
- App Control Server: 8.7.0-8.7.2
Symptoms
- Large Quantity of healthcheck messages with ID 960. With the error:
Severity[High]: Server certificate list has been stored but has been determined to be invalid during file transfer
- Health Check errors on the current Server Certificate:
Severity[High]: Untrusted server certificate. Issuer [<CNAME>], Serial Number [<SERIALNUMBER>]
Cause
An error with the updating of the TrustedCertList.pem file took place on 8.7.0.
Resolution
This update issue has been resolved per EP-14450. This keeps the file from causing errors in the future, but does not resolve the previous file.
Automatic Repair:
- Verify that the Trusted Communication Certificates panel is visible under Administration > System Configuration > Security tab
- If not listed, enable using these directions
- In the Trusted Communication Certificates panel Disable and Re-enable one of the certificates listed. This will auto generate a new PEM file
Manual Rebuild
- On the App Control Server delete the following file:
C:\Program Files (x86)\Bit9\Parity Server\Hostpkg\TrustedCertList.pem
- Restart the App Control Server Service
Additional Notes
- The steps above will only be required once, if upgraded to the 8.7.2 release.
- If the server remains on the 8.7.0 release, the steps above will be required every time the Server Certificate is updated.