search

UnauthorizedAccessBV / ESET-Protect-Docker-Server

MIT License
12 stars 3 forks source link

Can not install / connect a linux agent to ESET Protect docker image. #13

Open abysso2 opened 7 months ago

abysso2 commented 7 months ago

Hi,

i deployed ESET Protect docker image with the official docker-compose.yml found at hub.docker.com:

version: '3'

services: mysql: image: mysql:8.0.17 command: | --default-authentication-plugin=mysql_native_password --innodb-log-file-size=100M --innodb-log-files-in-group=2 --max-allowed-packet=30M --bind-address=* --log_bin_trust_function_creators=1 restart: unless-stopped environment:

volumes: mysql: eset-protect-server-config: eset-protect-server-data: eset-protect-server-logs: eset-protect-console:

I installed my licenses, did some basic configuration and tried to install / connect an linux agent ...

./agent-linux-x86_64.sh \ --skip-license \ --hostname=192.168.0.17 \ --port=2222 \ --webconsole-user=Administrator \ --webconsole-password=mypasswd \ --webconsole-port=8080

But the agent can not connect to the server or retrieve a certificate ...

The error message:

Getting certificate from server... It is not possible to connect to the ESET PROTECT Server.

The logfile shows this ... 2024-03-19 19:51:28 Information: Installer: *** 2024-03-19 19:51:28 Information: Installer: Initialized log file: /var/log/eset/RemoteAdministrator/EraAgentInstaller.log 2024-03-19 19:51:28 Information: Installer: Creating directories... 2024-03-19 19:51:28 Information: Installer: Creating 'config' directory path: /etc/opt/eset/RemoteAdministrator/Agent 2024-03-19 19:51:28 Information: Installer: Creating 'data' directory path: /var/opt/eset/RemoteAdministrator/Agent 2024-03-19 19:51:28 Information: Installer: Creating 'Pki Cache' directory path: /var/opt/eset/RemoteAdministrator/Agent/pki.eset.com/ 2024-03-19 19:51:28 Information: Installer: Creating 'logs' directory path: /var/log/eset/RemoteAdministrator/Agent 2024-03-19 19:51:28 Information: Installer: Creating 'libs' directory path: /opt/eset/RemoteAdministrator/Agent 2024-03-19 19:51:28 Information: Installer: Directories created 2024-03-19 19:51:28 Information: Installer: The archive will be extracted to: /opt/eset/RemoteAdministrator/AgentInstallerData 2024-03-19 19:51:28 Information: Installer: Extracting, please wait... 2024-03-19 19:51:29 Information: Installer: The unpacked installer data will be moved to: /opt/eset/RemoteAdministrator/Agent 2024-03-19 19:51:29 Information: Installer: Checking OpenSSL ... 2024-03-19 19:51:29 Information: DepCheckOpenSSL: Action invoked with: --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ** --cert-auth-content ** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ** --cert-password ** --cert-password-is-base64 ** --cert-path "" --cert-temp-path "" --cert-to-check-password ** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir "" --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir "" --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname "" --hostname-to-check "" --initial-static-group "" --installed "" --installed-version "" --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid "" --product-name Agent --proxy-http-hostname "" --proxy-http-password ** --proxy-http-port 3128 --proxy-http-username ** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator 2024-03-19 19:51:29 Information: DepCheckOpenSSL: Set output property: P_OPENSSL_VERSION = OpenSSL 3.0.11 19 Sep 2023 2024-03-19 19:51:29 Information: DepCheckOpenSSL: Return code: 0 2024-03-19 19:51:29 Information: Installer: Found: OpenSSL 3.0.11 19 Sep 2023 2024-03-19 19:51:29 Information: Installer: GUID loaded from config-file with value: b1c41e2d-7028-4866-b8d7-ec94a034b62b 2024-03-19 19:51:29 Information: Installer: Installed version loaded from config-file is: 11.0.503.0 2024-03-19 19:51:29 Information: Installer: Checking installed version ... 2024-03-19 19:51:29 Information: CheckVersion: Action invoked with: --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ** --cert-auth-content ** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ** --cert-password ** --cert-password-is-base64 ** --cert-path "" --cert-temp-path "" --cert-to-check-password ** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname "" --hostname-to-check "" --initial-static-group "" --installed "" --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ** --proxy-http-port 3128 --proxy-http-username ** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator 2024-03-19 19:51:29 Information: CheckVersion: Set output property: P_VERSION_STATUS = REPAIR 2024-03-19 19:51:29 Information: CheckVersion: Return code: 0 2024-03-19 19:51:29 Information: Installer: Status of current installation is: REPAIR 2024-03-19 19:51:29 Information: Installer: Reading previous configuration settings 2024-03-19 19:51:29 Information: LoadInstalledData: Action invoked with: --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ** --cert-auth-content ** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ** --cert-password ** --cert-password-is-base64 ** --cert-path "" --cert-temp-path "" --cert-to-check-password ** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname "" --hostname-to-check "" --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ** --proxy-http-port 3128 --proxy-http-username ** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator 2024-03-19 19:51:30 Information: Entering function: std::string Era::Setup::Common::CustomActions::CDatabaseReader::GetConfigEngineData(const string&) 2024-03-19 19:51:30 Information: Leaving function: std::string Era::Setup::Common::CustomActions::CDatabaseReader::GetConfigEngineData(const string&) 2024-03-19 19:51:30 Information: LoadInstalledData: Set output property: P_CONNECTION_CHOSEN = host 2024-03-19 19:51:30 Information: LoadInstalledData: Set output property: P_HOSTNAME = 192.168.0.247 2024-03-19 19:51:30 Information: LoadInstalledData: Set output property: P_PORT = 2222 2024-03-19 19:51:30 Information: LoadInstalledData: Return code: 0 2024-03-19 19:51:30 Information: Installer: Previous configuration read ('hostname': '192.168.0.247', 'port': 2222) 2024-03-19 19:51:30 Information: Installer: New connection settings are 'hostname': '192.168.0.17', 'port': 2222 2024-03-19 19:51:30 Information: Installer: Checking server connection... 2024-03-19 19:51:30 Information: CheckServerConnection: Action invoked with: --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ** --cert-auth-content ** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ** --cert-password ** --cert-password-is-base64 ** --cert-path "" --cert-temp-path "" --cert-to-check-password ** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen host --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname 192.168.0.17 --hostname-to-check 192.168.0.17 --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check "" --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ** --proxy-http-port 3128 --proxy-http-username ** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator 2024-03-19 19:51:30 Information: CheckServerConnection: Set output property: P_CONNECTION_CHOSEN = ipv4 2024-03-19 19:51:30 Information: CheckServerConnection: Return code: 0 2024-03-19 19:51:30 Information: CheckPortFormat: Action invoked with: --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ** --cert-auth-content ** --cert-auth-path "" --cert-auth-temp-path "" --cert-content ** --cert-password ** --cert-password-is-base64 ** --cert-path "" --cert-temp-path "" --cert-to-check-password ** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen ipv4 --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname 192.168.0.17 --hostname-to-check 192.168.0.17 --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check 2222 --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ** --proxy-http-port 3128 --proxy-http-username ** --replication-interval "" --server-cert-temp-path "" --upgrade "" --use-proxy 0 --webconsole-hostname "" --webconsole-password ** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator 2024-03-19 19:51:30 Information: CheckPortFormat: Set output property: P_PORT_TO_CHECK_STATUS = 0 2024-03-19 19:51:30 Information: CheckPortFormat: Return code: 0 2024-03-19 19:51:30 Information: Installer: Connection checked successfully. 2024-03-19 19:51:30 Information: Installer: Stopping running instance of eraagent.service 2024-03-19 19:51:31 Information: Installer: Getting certificate from server... 2024-03-19 19:51:31 Information: GetServerCertificate: Action invoked with: --appdata-data-dir /var/opt/eset/RemoteAdministrator/Agent --ca-password ** --cert-auth-content ** --cert-auth-path "" --cert-auth-temp-path /opt/eset/RemoteAdministrator/Agent/setup/ca.der --cert-content ** --cert-password ** --cert-password-is-base64 ** --cert-path "" --cert-temp-path /opt/eset/RemoteAdministrator/Agent/setup/peercert.pfx --cert-to-check-password ** --cert-to-check-path "" --computer-added-uuid "" --computer-group-choice DEFAULT --connection-chosen ipv4 --create-ca 0 --current-version 11.0.503.0 --custom-policy "" --db-backup-path "" --db-connectors-dir /opt/eset/RemoteAdministrator/Agent/setup --db-path /var/opt/eset/RemoteAdministrator/Agent/data.db --db-scripts-dir /opt/eset/RemoteAdministrator/Agent/setup/Database --db-type SQLite --db-upgrade "" --enable-telemetry "" --era-lib-dir /opt/eset/RemoteAdministrator/Agent/ --hostname 192.168.0.17 --hostname-to-check 192.168.0.17 --initial-static-group "" --installed REPAIR --installed-version 11.0.503.0 --keep-stored-policies 0 --log-sequence-id "" --modules-dir /opt/eset/RemoteAdministrator/Agent/setup/Modules/ --port 2222 --port-to-check 2222 --product-guid b1c41e2d-7028-4866-b8d7-ec94a034b62b --product-name Agent --proxy-http-hostname "" --proxy-http-password ** --proxy-http-port 3128 --proxy-http-username ** --replication-interval "" --server-cert-temp-path /opt/eset/RemoteAdministrator/Agent/setup/servercert.der --upgrade "" --use-proxy 0 --webconsole-hostname 192.168.0.17 --webconsole-password ** --webconsole-port 8080 --webconsole-use-domain "" --webconsole-user Administrator 2024-03-19 19:51:31 Information: GetServerCertificate: Set output property: P_SERVER_CONNECTION_STATUS = CONNECTION_ERROR 2024-03-19 19:51:31 Information: GetCertificatesFromServer: Following error occurred while trying to get certificates from server: Bad response type. Request is: {"Era.Common.DataDefinition.Network.Connection": {"host":"192.168.0.17","port":8080} } Response is:{"Era.ServerApi.SimpleResponse": {"result":false,"error":"ProtocolLayer: unsupported protocol version"} } 2024-03-19 19:51:31 Information: CServerAccess: Unloading server API library.... 2024-03-19 19:51:31 Information: GetServerCertificate: Return code: 0 2024-03-19 19:51:31 Information: Installer: It is not possible to connect to the ESET PROTECT Server. 2024-03-19 19:51:31 Information: Installer: Cleaning up setup directories

How do i manage to run ESET protect as a docker container and connect a agent to the server?

BTW: Firewall is off

Regards,

Andreas

Trickfilm400 commented 7 months ago

Request is: {"Era.Common.DataDefinition.Network.Connection": {"host":"192.168.0.17","port":8080} } Response is:{"Era.ServerApi.SimpleResponse": {"result":false,"error":"ProtocolLayer: unsupported protocol version"} }

So based on this, the connection to the server seems established, as there is a response

My only gues would be some sort of version conflict?

For me this was a drop in replacement upgrade, I used the same FQDN, so I migrated and only changed the DNS record and had no issues

I haven't installed an agent jet and only have windows clients

I've seen your issue already, but have no better idea