Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 955 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC reinstall Not Ask for Certificate

JFC

I did a re-install: (Uninstall soft, delete folders, delete some registry keys but not all... I wasnt sure)

Now SEC's Wizard NOT ASK for certificates backup no create new ones neither as the first time install. Where should I look for in case something left from uninstall?

Also iam not sure if this certificate issue is not allowing remote-clients to connect back SEC

Any help is appreciate!

JFC

:39933


This thread was automatically locked due to age.
Parents
  • 0

    HI,

    When you are talking about certificates, is this for RMS or for Encryption?  You mention clients talking to SEC so I'll assume RMS.

    When you install a SEC for the first time (no Sophos keys a clear slate) certificate info is stored under:

    64-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Certification Manager

    32-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager

    As a quick test:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Certification Manager\CertAuthStore\cac

    Should be the same as:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\cac

    on all the endpoints.

    When you uninstall the management server, the key:

    64-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Certification Manager

    32-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager

    is left behind, so if you re-install the management server software on the same computer in the future, new certificates aren't created and existing ones are used.  This way existing managed clients can continue to report in.

    Regards,

    Jak

    :39939
Reply
  • 0

    HI,

    When you are talking about certificates, is this for RMS or for Encryption?  You mention clients talking to SEC so I'll assume RMS.

    When you install a SEC for the first time (no Sophos keys a clear slate) certificate info is stored under:

    64-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Certification Manager

    32-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager

    As a quick test:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Certification Manager\CertAuthStore\cac

    Should be the same as:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\cac

    on all the endpoints.

    When you uninstall the management server, the key:

    64-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Certification Manager

    32-bit:

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager

    is left behind, so if you re-install the management server software on the same computer in the future, new certificates aren't created and existing ones are used.  This way existing managed clients can continue to report in.

    Regards,

    Jak

    :39939
Children
No Data