Notification

Icon
Error

LsAgent failing - Lansweeper SSL Expired

Posted: Thursday, August 6, 2020 8:33:28 PM(UTC)
lansweeper25t34

lansweeper25t34

Member Original PosterPosts: 1
1
Like
We've had issues with clients using the Lansweeper agent not reporting to our server lately. Today I checked the logs on a new client that is failing and I see the SSL certificate for https://relay.lansweeper.com is expired.

The specific error from the logs is:

System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'relay.lansweeper.com'. ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

When looking at the SSL certificate, I see it's a wildcard certificate that expired on July 16, 2020.

I created a ticket, however, I received a response that they are backlogged. Hopefully, someone from Lansweeper will see this and get the certificate updated.
nlertn-PRE
#1nlertn-PRE Member Posts: 1  
posted: 8/12/2020 9:34:12 PM(UTC)
Lansweeper confirms upgrading the LSagent to the latest version will fix the problem. I had tried this and indeed fixed the issue.

This is frustrating as all our 200 clients can no longer update the Lansweeper database. We depend on the cloud services to ensure our database is updated.

Secondly Lansweeper does not inform us of a new LSAgent patch till we find out there is an issue.

Finally, the LSAgent has no built in capability of upgrading itself, hence we would have to roll it out to over 200 computers manually to get back to where we were. Lansweeper should build it into LSAgent to have the capability of updating the SSL cert without reinstalling. This would make things simple.
DaltonM
#2DaltonM Member Posts: 2  
posted: 9/13/2020 5:07:32 PM(UTC)
Just FYI.

I updated one of my client PCs and the issue is now gone.

The reason appears to be that Lansweeper changed the DNS for the relay server.

Lsagentlog.txt now shows:
DEBUG Created RelayCommunicationSender to URL https://lsagentrelay.lan...eper.com/EchoService.svc

instead of:
DEBUG Created RelayCommunicationSender to URL https://relay.lansweeper.com/EchoService.svc

it is so odd that the agent has this hardcoded and not configurable from the local server, i.e. configuration on local server --> relay --> agent. This way we could perform a smooth transition.

More concerning is that Lansweeper team did not provide a primary and a secondary DNS OR resolved that with the old DNS (with a redirection).

We will need to schedule a Unscheduled update of 800+ machines now. Applause

Active Discussions

Lansweeper Show attached USB devices
by  Dannnnooo   Go to last post Go to first unread
Last post: Today at 10:42:17 AM(UTC)
Lansweeper Lansweeper Ubiquiti AP Bullet Devices
by  Beta_Tester  
Go to last post Go to first unread
Last post: Today at 8:59:06 AM(UTC)
Lansweeper Report to find ScanServer 'not working'
by  Rocher Vincent   Go to last post Go to first unread
Last post: Today at 8:07:26 AM(UTC)
Lansweeper Security: HSTS Missing
by  Grey  
Go to last post Go to first unread
Last post: Yesterday at 9:36:49 PM(UTC)
Lansweeper Include custom ticket fields as email tags
by  brownscar   Go to last post Go to first unread
Last post: 9/29/2020 4:09:02 PM(UTC)
Lansweeper SSH - Keyboard Interactive Authentication
by  blackmoonwolf  
Go to last post Go to first unread
Last post: 9/29/2020 1:21:59 PM(UTC)
Lansweeper Lansweeper Dark Theme
by  blackmoonwolf   Go to last post Go to first unread
Last post: 9/29/2020 1:18:32 PM(UTC)
Lansweeper Drag and Drop Email
by  Chris Durham  
Go to last post Go to first unread
Last post: 9/29/2020 7:13:09 AM(UTC)