Forum Discussion
Device Discovery Network Scanner Certificate expires soon
Hello Community
The installation of Device Discovery Scanner Agent installs a certificate named "MDATPNetworkScanAgent" valid for 1 year. On a Customer site, that certificate expires in about 3 weeks.
Will that certificate be renewed automatically? If yes, when will it happen?
I couldn't find anything about that topic.
Thanks for any help.
Joerg
Hello Yong
Thanks for your reply.
Outgoing Internet is all open and Windows Updates are all installed on that device.
I've downloaded the last MdatpScanAgentSetup.msi and run it again, without uninstalling the last installation. The certificate got renewed and is valid for another year.I thought I try this first, before going through the time-consuming process of a Microsoft Support Case. Fortunately it helped, but the reason why the certificate didn't automatically renew is a mystery.
Thanks,
Joerg Renggli - LAG
- yongrheemsftMicrosoftHello JoRe_LAG,
The certificate should get updated 120 days before it's expiry.
Now, why is the certificate not getting renewed?
1) Make sure that the MDE client (MSSense.exe) is up to date. e.g. Microsoft Updates (aka Windows Update)
2) Network connectivity problems with the CRL URL's. The MDE URL's including CRL URL's are in https://download.microsoft.com/download/6/b/f/6bfff670-47c3-4e45-b01b-64a2610eaefa/mde-urls-commercial.xlsx Reference: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-proxy-internet?view=o365-worldwide
If both check out, please open a Microsoft support ticket (case).
Thanks,
Yong Rhee - MSFT- JoRe_LAGCopper Contributor
Hello Yong
Thanks for your reply.
Outgoing Internet is all open and Windows Updates are all installed on that device.
I've downloaded the last MdatpScanAgentSetup.msi and run it again, without uninstalling the last installation. The certificate got renewed and is valid for another year.I thought I try this first, before going through the time-consuming process of a Microsoft Support Case. Fortunately it helped, but the reason why the certificate didn't automatically renew is a mystery.
Thanks,
Joerg Renggli - LAG- yongrheemsftMicrosoftThx JoRe_LAG for closing the loop. I have passed on, the info to the devs.
Yong Rhee - MSFT