Thursday, June 24, 2021

Regenerate the certificates used by the ePO server service

Before you proceed reading this article about how to regenerate the certificate used by the ePO server service?  We should know little about McAfee Certificate Error. 

McAfee Certificate Error is an ePO-based error that is regarded as the most advanced and leading security management software. The following unexpected McAfee Certificate Error appears at the top of the browser when you open the ePO console remotely. When you right-click on the error and choose View Certificate, you'll see a wrong certificate. This error occurs when an old certificate is no longer a user, the Server Certificate is updated, and the certificate is used for ePO browser authentication.

What is ePO?

The ePO server certificates are created during the installation of ePO or another Agent Handler. The certificates are issued by self-signed certificates owned by the ePO Application Server service. During the ePO installation also self-signed certificates are created.

This article describes the certificates used by the ePO server service, as well as how to re-generate them if necessary.

Certificates are used by the ePO server service to secure communications for the following:

     Client computer communications with McAfee Agent

     Communication with the ePO Application Server service on an internal level.

Note: These certificates cannot be replaced with certificates issued by another certificate authority.

The certificates are kept in a folder called ssl.crt. The following are the default locations:

Component

Path

ePO Server

C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\conf\ssl.crt

Agent Handler

64-bit operating system

C:\Program Files (x86)\McAfee\Agent Handler\Apache2\conf\ssl.crt

Agent Handler

32-bit operating system

C:\Program Files\McAfee\Agent Handler\Apache2\conf\ssl.crt

Note: If you chose a non-default path during installation, the paths are different.

List of files that folder contains

 

      ahCert.crt

      ahpriv.key

      mfscabundle.cer

      pkcs12store.pfx

      pkcs12store.properties

 

You might need the path to re-create or regenerate these certificates in some circumstances. If ePO is being restored as part of the manual disaster recovery process described in KB66616, for example.

How to Generate the Certificate?

 1.   Stop the ePO Server service first.

a.   Hold and press down the Windows key + R key at the same time.

b.   Type services.msc into the field provided and press Enter.

c.   Stop the following ePO service by right-clicking it and selecting Stop

d.   McAfee ePolicy Orchestrator #.#.#  Server

e.   Now closed the service window.

2.  Ascertain that the McAfee ePolicy Orchestrator Application Server service is up and running.

3.  Check that you can access the ePolicy Orchestrator console using the following credentials:

a.     In the URL, the NetBIOS name of the McAfee ePO server An account that is an ePO administrator and uses ePO authentication (not Windows authentication) 

This account will be used to regenerate the certificates later.


 

Note: The certificate regeneration process fails if the administrator user name or password contains certain characters. Despite the fact that they are valid when accessing the ePO console. McAfee recommends changing the password to a simple alphanumeric password for the time being. Alternatively, create a new temporary administrator user with a simple password to use while the certificate is being renewed. 

After that, you can either change the password or remove the temporary administrator user.

4.  The ssl.crt folder must exist and be empty for the regeneration process to work. In the ePO or Agent Handler instal folder, look for the Apache2conf folder.

5.  Rename any existing ssl.crt folders to ssl.crt.old.

6.  Make a folder called ssl.crt and rename it.

7.  Start by typing cmd into the search box, then right-clicking and selecting Run as administrator.

8.  To get to your ePO installation folder, change directories. The default paths are listed in the section above titled "Introduction."

9.  Now Run the following command: 

Rundll32.exe ahsetup.dll RunDllGenCerts <ePO_server_name> <console_HTTPS_port> <admin_username> <password> <"installdir\Apache2\conf\ssl.crt">

Where:

      <ePO_server_name> - The ePO server NetBIOS name

      <console_HTTPS_port> - The ePO console port (default is 8443)

      <admin_username> - The ePO administrator account (see step 3)

      <password> - The password for the ePO administrator account (see step 3)

      <installdir\Apache2\conf\ssl.crt> - The full path to the empty ssl.crt folder (see step 4). Make sure that you enclose this path in double quotes.

Example:

Rundll32.exe ahsetup.dll RunDllGenCerts epo_server_name 8443 administrator password "C:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\conf\ssl.crt"

Important:

      If User Account Control (UAC) is enabled on this server, the command will fail. Disable this feature if the server is running Windows Server 2008 or later.

      The case of the RunDllGenCerts parameter is important.

Note:

In normal use, the command does not produce messages when it runs. After a few seconds, the ssl.crt folder is populated with the following certificate files:

      ahCert.crt

      ahpriv.key

      mfscabundle.cer

      pkcs12store.pfx

      pkcs12store.properties

A log file is created ahsetup_<ePO_server_name>.log.

10. In a text editor, open this log file. The log will end with the following lines if the   regeneration was successful:

AHSETUP The Agent Handler successfully connected to the ePO server.

AHSETUP Successfully created the Agent Handler certs.

AHSETUP Successfully created the Agent Handler CA Certificate.

AHSETUP Successfully imported the PKCS12 Certificates. 

11. Now Start ePO server service.

Conclusion

Hope this blog will help you to understand to regenerate the certificates used by the ePO server service and the concept of McAfee Certificate Error. If you still have any doubt or queries then please feel free to contact McAfee Customer Support Number. 

Sunday, June 20, 2021

How to Know "When Does My McAfee Subscription Expire"? Is it worth renewing?

Hundreds of thousands of people use McAfee Antivirus as their antivirus solution all over the world. The fact that McAfee software is a complete solution with a variety of tools and features that cover all the bases, giving you overall and solid digital and online protection, is one of the reasons why it is such a popular and widely used antivirus software. Based on your subscription duration, this McAfee subscription expires also, but you can easily fix it by renewing it again.  For more details on renewing the subscription, please visit our website
https://www.mcafeepro.com/

If you use any McAfee activated product, such as McAfee Total Protection or McAfee Live Safe, you should keep track of when your subscription is expiring. If you're lucky, you'll be able to renew and activate your subscription before it expires. This eliminates the risk of your system being unprotected and vulnerable to hacking attempts.

Steps to check your McAfee subscription

So, how do you figure out when your McAfee subscription is about to expire? Here's a step-by-step guide to help you get that information quickly so you can keep your system safe from all the latest online threats:

Check on your PC

     The first thing you should do is confirm your subscription on your computer.

     To do so, click the icon in your Taskbar tray to launch the www.mcAfee.com/activate application on your computer.

     Locate the option that says Verify Subscription and click it.

     Select Yes when the app asks for permission to make changes to your device.

     Once the process is finished, double-check the subscription information to ensure it is correct.

Visit the McAfee Activate website for more information


 

     If the above method does not work or the subscription information displayed is incorrect, you can use the McAfee subscription repair tool, which can be found on the McAfee website, or you can simply call the McAfee support number for more support.

     Sign in with your existing credentials at home.McAfee.com.

     Go to My Account page after you've logged in.

     Choose the computer or device for which you want to check the expiration date.

     Your subscription information for that device, including the expiration date, will be displayed.

     The expiry date of your McAfee product can also be found on the My Info tab of your McAfee software on the PC.

     Always double-check that the product's expiration date on your account corresponds to the one displayed in the software.

     If the information is not helpful, you can always contact McAfee customer service for assistance.

Should I renew?

Yes, you must always renew your current McAfee subscription to ensure that your device is protected indefinitely. But how will you renew it? To renew, the first step that is required is to obtain a McAfee product key.

Before you do that, keep in mind that McAfee's subscription-based products are all subject to auto-renewal. When users buy the software for the first time, they are automatically enrolled in this program. The user will be informed about this in the End User License Agreement. The credit card associated with your McAfee account expires one month before the subscription period ends. You will receive a message asking you to renew your subscription if auto-renewal is disabled. As a result, there is nothing to be concerned about when it comes to subscription renewal.

Take a printout of the subscription page as a confirmation page if you want to keep a record of this renewal. It is also not a problem if you do not want to take a print of this confirmation. The details of a subscription's expiration or renewal can also be found in the process that I discussed above.

Conclusion

McAfee Antivirus subscriptions is one of the best ways that anyone can find on the planet to protect their system from anonymous, latest cyber threats.  Hence, it is now your choice to keep the software activated. To renew McAfee Antivirus software or to know for some information regarding McAfee Antivirus you can visit our website https://www.mcafeepro.com/ or call our McAfee customer support number.

The Role of McAfee Antivirus In 2021

  McAfee is a well-known name in the antivirus space that has been around for decades.  If you're wondering which antivirus to choose fo...