3 Replies Latest reply on Mar 21, 2018 6:13 AM by davidg5700

    CSA Brokerconfig Test Fail

    BryanNg Apprentice

      Hi,

       

      Does any encounter this error during testing the CSA brokerconfig connection?

       

      CSA-Error.PNG

        • 1. Re: CSA Brokerconfig Test Fail
          davidg5700 Specialist

          I would start by checking on the core server if the client's certificate has been approved.  From the Console on the core, hit Configure - Client Access and search to find the client computer name to check the approval state. 

           

          Check that the CSA name and IP address are correct on the CSA Information tab of Brokerconfig.  If this information is incorrect, you'll need to have a look at the client connectivity agent settings.

           

          Check the CSA to ensure that the core certificate has been posted.  Check the Security section to ensure that you have both HTTP and HTTPS traffic allowed as trusted services. 

          • 2. Re: CSA Brokerconfig Test Fail
            BryanNg Apprentice

            Hi davidg5700

             

            I notice that I'm unable to access through HTTP. But in the security section the HTTP is allowed. Any idea why?

             

            Currently, I'm tested using on demand remote client is working fine. But for the device install with agent still not able to connect and the broker config have same error code when testing.

            • 3. Re: CSA Brokerconfig Test Fail
              davidg5700 Specialist

              Hey Bryan,

               

              The I/O errors that I have encountered with the CSA all have come back to an issue with certificates.  Check the \ldlogon folder for a .0 file.  The name of this file should match the "Core certificates the client will trust:" in your client connectivity agent settings.  Open up the .0 file and ensure that the CSA name and IP is correct. 

               

              Look in C:\Program Files (x86)\LANDesk\Shared Files\cbaroot\certs for the .0 file and make sure it matches the one in \ldlogon on the core.  Make sure that the client's certificate has been approved on the core.  I've found that if it is created through provisioning and the certificate state is provisioning, it will not communicate.  It will not show up in the unapproved list, you have to check the box for "created by provisioning" for those to show up so you can approve them.