Policy installation fails for all gateways with SIC error "Internal SSL authentication SSL error [Got alert from peer that the certificate expired]"

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk102975
Technical Level
Product	Quantum Security Management, Multi-Domain Security Management
Version	All
Date Created	13-Oct-2014
Last Modified	07-Mar-2022

Symptoms

Policy installation fails for all gateways with SIC error "Internal SSL authentication SSL error [Got alert from peer that the certificate expired]".
Security Management Server / Domain Management Server has lost SIC connections with all managed Security Gateways.
Reinitializing SIC between the Security Management Server / Domain Management Server and managed Security Gateways does not resolve the issue.
$CPDIR/log/cpd.elg file on the Security Management Server / Domain Management Server contains the following messages:
- SIC Error for LSMServerAddon: Got alert from peer that the certificate expired
- Renew_SIC_Cert_cb: CPD failed to renew sic certificate. status = 3, rc - -1.
When installing policy it fails with: Installation failed. Reason: Internal SSL authentication SSL error [unknown]
When installing policy it fails with: Installation failed. Reason: Internal SSL authentication error [ Certificate expired.]

Cause

The Security Management Server / Domain Management Server database was imported from a different machine, and the hostname has been changed. As a result, the ICA fails to renew the certificates.

Solution

Note: To view this solution you need to Sign In .