How Can We Help?
Unable to log in to ESET PROTECT Web Console after migrating to a new Virtual Appliance
Issue
- You are unable to log in to the ESET PROTECT Web Console after the migration from ESET PROTECT Virtual Appliance (CentOS) to ESET PROTECT Virtual Appliance (Rocky Linux)
Solution
If you migrate to a new ESET PROTECT Virtual Appliance, you cannot log in to the ESET PROTECT Web Console until a new SHA2 certificate is issued. However, this is not possible until the security of the whole operating system is decreased by allowing SHA1.
- To allow SHA1 on the new ESET PROTECT Virtual Appliance, run the following command and then restart the operating system.
update-crypto-policies --set DEFAULT:SHA1 - Log in to your ESET PROTECT Web Console.
- Enable Advanced security and restart the ESET PROTECT Server service. Create a new SHA2 CA and sign a server certificate with the new SHA2 CA.
- Wait until the public part of the newly created SHA2 CA is replicated to all ESET Management Agents and then change the Server certificate to a new SHA2 Server certificate.
- To disable SHA1 and return to the previous cryptographic policy, run the following command:
update-crypto-policies --set DEFAULT - Restart the operating system.
You should now be able to log in to the ESET PROTECT Web Console on the migrated ESET PROTECT Virtual Appliance.
