search cancel

Replacing the agent certificate on CSP agent

book

Article ID: 241024

calendar_today

Updated On:

Products

Critical System Protection

Issue/Introduction

Instructions on updating or replacing agent certificate in CSP 8.0.2 agents via command line 

Cause

The Critical System Protection Agent (CSP) agent certificate needs to be replaced with a newly created certificate

Environment

Release : 8.0.x

Component : CSP agent

Resolution

Things to note before running the agent configuration tools: 
 
   To run the agent config tool you must have administrative privilege on the agent device
   
    If an agent's policy prevents running the agent config tool, do one of the following:
       Apply the null policy to the agent
       Override the agent's current policy (click here for more info about the policy override tool)
 
Running the agent config tool:
 
1.  Log on to the device
 
2.  Navigate to the directory that contains the agent config tool:
    on Windows: \Symantec\Symantec Embedded Security\Agent\IPS\bin
    on Linux: opt/Symantec/sescspagent/IPS
 
3. On Windows, at an administrator's command prompt, type sisipsconfig followed by a command, and then press enter
 
For example, to view the current configuration of the agent type:
    sisipsconfig -view
 
   On Linux, type su - sisips -c sisipsconfig followed by a command, and then press enter
 
For example, to view the current configuration of the agent, type:
    su - sisips -c sisipsconfig -view
 
NOTE: Only the sisips user can run the agent config tool on Linux agents
 
More info here in the agent config tool commands article