|Email Plug-in (Reporting):||18.104.22.168|
|Email Plug-in (Encryption):||22.214.171.124|
Hi, we are getting the following error messages: The certificate used by the appliance to communicate with the SDR service was invalid or expired. Make sure that the appliance is able to fetch a valid certificate from the updater server. Anyone knows how to solve it? We are running latest GD AsyncOS 13.x.
Firstly, make sure that your feature keys for SDR are not expired.
Then make sure that the Update setting is set to Cisco IronPort Update Servers.
[Security Services -->Service Updates --> Edit Update Settings]
Please find attached the screenshot.
Once the above settings are in place, perform the command "updatenow force" in the CLI and monitor the ESA appliance.
I hope the above steps help!
which licence is needed to SDR? I can't find any referal in licensing guide or CCW for SDR licensing?
Settings were already set as you described. All other services were updated successfuly.
Telnet to v2.sds.cisco.com:443 also works.
The reports stoped coming yesterday morning. I'm still not 100% if that is related to changing parameter "Do you want to verify server certificate?" from Y to N on sdrconfig CLI command I've did yesterday. Still testing - putting it back to Y.
I've also run
# sdrupdate force
Requesting forced update of SDR client package
Component Version Last Updated
SDR Client 1.0 Never updated
Hi, I was unable to reproduce problem. SDR works flawlessly and we are not getting any error messages. Really strange.
I've cheched the SSL inspection in the first place: it was turned off from the beginning.
I'll check the URL filtering certificates if the problem would reappear.
Thank you both.