Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2385
Views
10
Helpful
5
Replies

failed to update policy with serial number

Go to solution
mallaith
Level 1
Level 1

‎01-15-2022 09:56 PM - edited ‎01-15-2022 09:58 PM

Hi,

 

I am getting this error recently when I move computers to another policy.

 

 failed to update policy with serial number 

AMP policy error.JPG

 

Error CodeDescription

3240099844
Configuration reload failed

 

 

 

It was working last week and there are no changes in the network or firewall rules.

Any advice.

 

 

 

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
IIIC
Level 1
Level 1
In response to mallaith

‎01-17-2022 06:52 AM

I had the same issue and it turned out the following certificate was missing:

 

Thumbprint: df717eaa4ad94ec9558499602d48de5fbcf03a25

Subject Name: C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1

 

See the following article that was updated today

 

https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/216943-list-of-root-certificates-required-for-a.html

 

View solution in original post

5 Replies 5

Go to solution
Troja007
Cisco Employee
Cisco Employee

‎01-17-2022 01:13 AM

Hello @mallaith ,

do you see this issue on a single host or multiple hosts?

Greetings, Thorsten

0 Helpful

Go to solution
mallaith
Level 1
Level 1

‎01-17-2022 01:19 AM

Hi @Troja007 

 

Multiple hosts Windows Server 2012R2 and Windows Server 2008 R2

0 Helpful

Go to solution
IIIC
Level 1
Level 1
In response to mallaith

‎01-17-2022 06:52 AM

I had the same issue and it turned out the following certificate was missing:

 

Thumbprint: df717eaa4ad94ec9558499602d48de5fbcf03a25

Subject Name: C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1

 

See the following article that was updated today

 

https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/216943-list-of-root-certificates-required-for-a.html

 

Go to solution
mallaith
Level 1
Level 1
In response to IIIC

‎01-17-2022 09:53 PM

Dear @IIIC 

 

 

Thank you very much. There was a missing certificate and I have imported the certificate from one of the working servers.

 

75E0ABB6138512271C04F85FDDDE38E4B7242EFE CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root

 

 

0 Helpful

Go to solution
IIIC
Level 1
Level 1
In response to mallaith

‎01-17-2022 11:49 PM

Glad to hear it helped.

0 Helpful
Customers Also Viewed These Support Documents