bsylvain

Hi, I get similar issue from time to time, KES endpoint just become outdated despite successful update reports. I solve that by reapplying the license on the endpoint then run the update task again. Hope it solves also your problem. Sylvain

Great! ;) Sylvain

I have no machine with KES10, no policies and no tasks. I always cleanup all this after upgrading to any version. KSC just detect some of my KES11 machines as needing a KES10 patch. I have no idea why. Still it’s a quite old KSC, upgraded from KSC10 to KSC11 to KSC12, might have some old registries or else.

Hi, I had the same issue and I just found out a few minutes ago the missing plugin (at least for my case) : We were missing the “Kaspersky Endpoint Security 10 Service Pack 2 for Windows” plugin. (even if we don’t use this version since quite some time now, we only have KES 11.2 and 11.4 installed)You can download it there : https://support.kaspersky.com/9333#block8 I discovered it purely randomly because our KSC 12 is still offering KES 10SP2MR3 update (also we don’t have KES 10 installed anymore). Hope this fixes your issue too. I’m still looking for a way to make this version disappear from our KSC. Sylvain

Hello, In my case it was an issue with DPI-SSL of our firewall. We made a dpi-ssl bypass for *.kaspersky-labs.com Check https://support.kaspersky.com/15052?_ga=2.223948760.2141884001.1590148658-856246144.1590148658 Sylvain

Joel2015 Deadlock4400 Thank you for the infos, we're gonna check that. We are trying to avoid the downgrading to http. Have a good day. Sylvain

Hello guys, After running a few days on our workaround (choosing our public KSC as master and update server), I switched back the download to Kaspersky Servers source and it seems to work now. Did you changed something or did the workaround made things go right? Sylvain

Still not working. We trusted the root cert for the domain, no luck. It looks like the KSC has his own trusted cert repository? We have a workaround but it would be great to fix that. Can you look if something happened on you side (about the kaspersky authority : "Kaspersky Lab Public Services Root Certification Authority") ? It's kind of strange as I have 3 KSC with the same problem (different infrastructure, different domain) and 1 KSC without problem (which is a off domain server providing Kaspersky service to remote computers). Thanks. Sylvain

Hello Oleg, Thanks for your answer. Traffic security module is not running on the KSC server. And if I check "https://s11.upd.kaspersky.com" on a lab without running with an antivirus or behind a NGFW, I have the root cert error, untrusted authority.

Further tests brought me the following data : KSWS manual update through Kaspersky Servers (not ksc) are succeeding. KES 11 manual update through Kaspersky Servers (not ksc) are partially succeeding (although it reports the secure connection error and task failure, database date is correct) KES 10 update through Kaspersky Servers (not ksc) are succeeding. The problem could come from a particular module or url. Sylvain

Hello everyone, KSC version 11.0.0.1131 (with autopatch A) KSWS version 10.1.2.996 KES version 11.1.0.15919 I have a problem to download updates since yesterday (morning? last update is from 03.07.2019 - 05:58 (Zurich time)). Failed to establish the HTTPS connection: TLS error (54). '/' When I check the URL I can see that the trusted root certificate seems to be untrusted. (you cannot trust this root certificate authority...) I tried also to directly update a KES from Kaspersky servers, same error : Is there something in your infrastucture causing that? Any knows problem? Thanks. Sylvain