Support Center > Search Results > SecureKnowledge Details
Endpoint Security clients disconnect from the Endpoint Security server Technical Level
Symptoms
  • Endpoint Security clients disconnect from the Endpoint Security server.

  • Similar logs are found in the %ProgramData%\CheckPoint\Logs\cpda.log file:
    root [debug] Sent request duration 109ms, Url: https://XX.XX.XX.XX:443/cp/connectionPoint/regep [CHTTPCall_curl::sendReq_internal]
    root [debug] Send succeeded, Got HTTP response body size: 273 bytes [CHTTPCall_curl::sendReq_internal]
    root [info ] HTTP response code: 500 [CHTTPCall_curl::sendReq_internal]
    root [debug] Request sent using local ip 192.168.188.90 [UpdateLocalIp]
    root [error] Unexpected HTTP response code: 500 [CHTTPCall_curl::sendReq_internal]
    root [error] Response without escape chars (possible truncated): 500 Proxy Error

    Proxy Error

    The proxy server could not handle the request

    Reason: Error during SSL Handshake with remote server

    [CHTTPCall_curl::sendReq_internal]

  • Similiar logs are found in the Endpoint Security server $UEPMDIR/logs/apache_error.log:
    [ssl:error] [PID] [remote x.x.x.x:443] AH02039: Certificate Verification: Error (10): certificate has expired
    [proxy:error] [PID] [client y.y.y.y:54274] AH00898: Error during SSL Handshake with remote server returned by /cp/connectionPoint/regep

  • Checking the proxy_ca.pem certificate validation via SSH on the Endpoint Security server, it is expired:
    cpopenssl x509 -in $UEPMDIR/engine/conf/ssl/proxy_ca.pem -text | grep Not

Cause

The proxy_ca.pem certificate is expired.


Solution
Note: To view this solution you need to Sign In .