Symantec Management Platform (Notification Server)

 View Only
Back to discussions
Expand all | Collapse all

Symantec Management Agent error (Failed to restore the certificate to XXXX store, no backup date, error: The system cannot find the file specified (0x00000002).

  • 1.  Symantec Management Agent error (Failed to restore the certificate to XXXX store, no backup date, error: The system cannot find the file specified (0x00000002).

    Posted Jan 23, 2020 11:55 AM

    During the install of the Symantec Management Agent (SMA) to a new computer, the agent installation log shows errors when validating certificate stores.

    <event date='01/23/2020 10:20:55.7190000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669140' >
      <![CDATA[Agent is starting. CEM mode is 'Disabled', registration status is 'Not registered']]>
    </event>
    <event date='01/23/2020 10:20:55.7190000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669140' >
      <![CDATA[Validating certificate store 'AeXNSClient\Personal', restoring the missing certificates from the backup]]>
    </event>
    <event date='01/23/2020 10:20:55.7190000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669140' >
      <![CDATA[Failed to restore the certificates to 'AeXNSClient\Personal' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
    <event date='01/23/2020 10:20:55.7190000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669140' >
      <![CDATA[Validating certificate store 'Local Computer\Personal', restoring the missing certificates from the backup]]>
    </event>
    <event date='01/23/2020 10:20:55.7350000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669156' >
      <![CDATA[Failed to restore the certificates to 'Local Computer\Personal' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
    <event date='01/23/2020 10:20:55.7350000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669156' >
      <![CDATA[Validating certificate store 'Trusted Root Certification Authorities', restoring the missing certificates from the backup]]>
    </event>
    <event date='01/23/2020 10:20:55.7410000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669156' >
      <![CDATA[Failed to restore the certificates to 'Trusted Root Certification Authorities' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
    <event date='01/23/2020 10:20:55.7410000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669156' >
      <![CDATA[Validating certificate store 'Client Authentication Issuers', restoring the missing certificates from the backup]]>
    </event>
    <event date='01/23/2020 10:20:55.7410000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669156' >
      <![CDATA[Failed to restore the certificates to 'Client Authentication Issuers' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
    <event date='01/23/2020 10:20:55.7410000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669156' >
      <![CDATA[Validating certificate store 'Intermediate Certification Authorities', restoring the missing certificates from the backup]]>
    </event>
    <event date='01/23/2020 10:20:55.7410000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='14756' thread='19548' tickCount='58669156' >
      <![CDATA[Failed to restore the certificates to 'Intermediate Certification Authorities' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>

    Questions

    1. Why are the certificates missing in the first place? Is it because the SMA has never been installed and the certificates are provided as a part of the install of the SMA?
    2. Where is the so-called backup that the agent is going to restore these missing certificates from?
    3. Why do i not have any backup data? 
    4. What can't the SMA install find the files it needs? error: 0x00000002
    5. What should i do to resolve this issue? 
    6. Is there a way to completely disable HTTPS and not require ceritifcates in the first place? I already unchecked HTTPS in every place possible i could find but i might be missing places?  Or do certiicates have to be validated even if HTTPS isnt enabled?

     

    Thank You!



  • 2.  RE: Symantec Management Agent error (Failed to restore the certificate to XXXX store, no backup date, error: The system cannot find the file specified (0x00000002).
    Best Answer

    Broadcom Employee
    Posted Jan 24, 2020 05:13 AM

    Hi James Auman!

    1. Its a common functionality of Symantec Management Agent, so it does such checks even if you don't have enabled HTTPs for your Web Site where SMP is installed as well as if default NS communicaiton profile doesn't have enabled HTTPS URL for NS and if SSL certificates aren't imported in this profile.

    2. You can also check what certificates are arrived from SMP on your managed client computer, just enable diags option via command line on this computer

    C:\>"Program Files\Altiris\Altiris Agent\AeXNSAgent.exe" /diags

    Now you will be able to open "Certificates" page in SMA UI

    3. Regarding "Why do i not have any backup data?" & "What can't the SMA install find the files it needs? error: 0x00000002"

    Once you will have certificates applied in NS Communication profile, enable "Cloud Enabled Management" functionality and have installed/configured "CEM" gateway in environment with enabled "CEM" policy and targeted to managed client computers which are communicating via HTTPs, clients will get all required certificates, will check them, backup them, etc, but for now assume that your environment is set to work via HTTP.

    As example, I have 1 cert applied in NS Communication profile, so my client shows me this message despite on other not found file

    "1/24/2020 11:42:54 AM","0 certificates were restored, 1 certificates were overwritten in 'Trusted Root Certification Authorities' store","CertificateManager","AeXNSAgent.exe","10544","Informational"

    4. No worries for these activities by Symantec Management Agent, because all these logs you see that they shown as Informational severity. So better to pay attention on log output which are 'Warning' or 'Error' severities.

     

    Thanks,

    IP.

     

     

     



  • 3.  RE: Symantec Management Agent error (Failed to restore the certificate to XXXX store, no backup date, error: The system cannot find the file specified (0x00000002).

    Posted Feb 11, 2020 01:09 PM

    Thank you Igor for such a well laid explanation, line by line.  You are a real asset to this forum.  I have follow-up questions.  

    With the help of support, we re-enabled HTTPS and made sure the certificates were good on the server side.  We then ran 'AexAgentUtil.exe /clean' and uninstalled the agent from my machine.  Once it was removed, we pushed out the agent again.  Nothing seems to have changed.  I still get errors about 'failed to restore the certificate' and 'no backup data' and 'the system cannot find the file specificed (0x00000002)'.  Any idea where in the process this is breaking down?

    I enabled the diagnostic mode (thank you) and checked my certificates store.  It looks like i have a NS; Web site certificate in my Trusted Root Certifcation Authorites Store and the cert is valid.  No idea if that means anything.  

    Regarading enabling CEM and configuring the CEM gateway.  Isnt CEM a cloud option?  We are 100% on-prem and dont use cloud technology.  Do i need CEM in order for these certificate failures errors to go away?

    Thanks!
    Jim

     

    <event date='02/11/2020 11:59:51.9350000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830890' >
      <![CDATA[Validating certificate store 'AeXNSClient\Personal', restoring the missing certificates from the backup]]>
    </event>
    <event date='02/11/2020 11:59:51.9370000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830890' >
      <![CDATA[Failed to restore the certificates to 'AeXNSClient\Personal' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
    <event date='02/11/2020 11:59:51.9370000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830890' >
      <![CDATA[Validating certificate store 'Local Computer\Personal', restoring the missing certificates from the backup]]>
    </event>
    <event date='02/11/2020 11:59:51.9400000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830890' >
      <![CDATA[Failed to restore the certificates to 'Local Computer\Personal' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
    <event date='02/11/2020 11:59:51.9400000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830890' >
      <![CDATA[Validating certificate store 'Trusted Root Certification Authorities', restoring the missing certificates from the backup]]>
    </event>
    <event date='02/11/2020 11:59:51.9510000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830906' >
      <![CDATA[0 certificates were restored, 1 certificates were overwritten in 'Trusted Root Certification Authorities' store]]>
    </event>
    <event date='02/11/2020 11:59:51.9520000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830906' >
      <![CDATA[Validating certificate store 'Client Authentication Issuers', restoring the missing certificates from the backup]]>
    </event>
    <event date='02/11/2020 11:59:51.9550000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830906' >
      <![CDATA[Failed to restore the certificates to 'Client Authentication Issuers' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
    <event date='02/11/2020 11:59:51.9560000 -05:00' severity='4' hostName='jima' source='Agent' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830906' >
      <![CDATA[Validating certificate store 'Intermediate Certification Authorities', restoring the missing certificates from the backup]]>
    </event>
    <event date='02/11/2020 11:59:51.9590000 -05:00' severity='4' hostName='jima' source='CertificateManager' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='20612' thread='22000' tickCount='8830921' >
      <![CDATA[Failed to restore the certificates to 'Intermediate Certification Authorities' store, no backup data, error: The system cannot find the file specified (0x00000002)]]>
    </event>
     

     



  • 4.  RE: Symantec Management Agent error (Failed to restore the certificate to XXXX store, no backup date, error: The system cannot find the file specified (0x00000002).

    Broadcom Employee
    Posted Feb 13, 2020 12:47 AM

    I'll suggest to do not pay attention on these "INFO" level logging messages from Agent while it is doing own processes on its service start-up and no need to have CEM enabled functionality if you are using product just On-prem mode. These INFO level messages do not impact your current environment and Agent functionality with Notification Server.