This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LsAgent failing - Lansweeper SSL Expired

lansweeper25t34
Engaged Sweeper

‎08-06-2020 09:33 PM

We've had issues with clients using the Lansweeper agent not reporting to our server lately. Today I checked the logs on a new client that is failing and I see the SSL certificate for https://relay.lansweeper.com is expired.

The specific error from the logs is:

System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'relay.lansweeper.com'. ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

When looking at the SSL certificate, I see it's a wildcard certificate that expired on July 16, 2020.

I created a ticket, however, I received a response that they are backlogged. Hopefully, someone from Lansweeper will see this and get the certificate updated.
Labels:
3 REPLIES 3
kjstech
Engaged Sweeper III

‎11-10-2020 05:08 PM

Could you create a DNS CNAME to point relay.lansweeper.com to lsagentrelay.lansweeper.com or either modify the hosts file on the machine?
0 Kudos
dmoraes
Engaged Sweeper II

‎09-13-2020 06:07 PM

Just FYI.

I updated one of my client PCs and the issue is now gone.

The reason appears to be that Lansweeper changed the DNS for the relay server.

Lsagentlog.txt now shows:
DEBUG Created RelayCommunicationSender to URL https://lsagentrelay.lansweeper.com/EchoService.svc

instead of:
DEBUG Created RelayCommunicationSender to URL https://relay.lansweeper.com/EchoService.svc

it is so odd that the agent has this hardcoded and not configurable from the local server, i.e. configuration on local server --> relay --> agent. This way we could perform a smooth transition.

More concerning is that Lansweeper team did not provide a primary and a secondary DNS OR resolved that with the old DNS (with a redirection).

We will need to schedule a Unscheduled update of 800+ machines now.
0 Kudos
nlertn-PRE
Engaged Sweeper

‎08-12-2020 10:34 PM

Lansweeper confirms upgrading the LSagent to the latest version will fix the problem. I had tried this and indeed fixed the issue.

This is frustrating as all our 200 clients can no longer update the Lansweeper database. We depend on the cloud services to ensure our database is updated.

Secondly Lansweeper does not inform us of a new LSAgent patch till we find out there is an issue.

Finally, the LSAgent has no built in capability of upgrading itself, hence we would have to roll it out to over 200 computers manually to get back to where we were. Lansweeper should build it into LSAgent to have the capability of updating the SSL cert without reinstalling. This would make things simple.
0 Kudos

General Discussions

Find answers to technical questions about Lansweeper.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now
Top