Policy installation fails for all gateways with SIC error "Internal SSL authentication SSL error [Got alert from peer that the certificate expired]".
Security Management Server / Domain Management Server has lost SIC connections with all managed Security Gateways.
Reinitializing SIC between the Security Management Server / Domain Management Server and managed Security Gateways does not resolve the issue.
$CPDIR/log/cpd.elg file on the Security Management Server / Domain Management Server contains the following messages:
SIC Error for LSMServerAddon: Got alert from peer that the certificate expired
Renew_SIC_Cert_cb: CPD failed to renew sic certificate. status = 3, rc - -1.
When installing policy it fails with:
Installation failed. Reason: Internal SSL authentication SSL error [unknown]
When installing policy it fails with:
Installation failed. Reason: Internal SSL authentication error [ Certificate expired.]
Cause
The Security Management Server / Domain Management Server database was imported from a different machine, and the hostname has been changed. As a result, the ICA fails to renew the certificates.