[KBA-79043] Synergis™ Cloud Link offline when Automatic Root Certificates Updates enabled on server with no internet access - Synergis™ Cloud Link | Security Center 5.8 and later

series
Synergis™ Cloud Link | Security Center 5.8 and later
revised_modified
2020-07-06

[KBA-79043] Synergis™ Cloud Link offline when Automatic Root Certificates Updates enabled on server with no internet access

This article explains why the Synergis™ Cloud Link might go offline when Automatic Root Certificates Updates are enabled on the server hosting the Access Manager role and the server does not have internet access.

Symptoms

The Synergis™ Cloud Link temporarily disconnects from the Access Manager role in Security Center.

Cause

During a TLS connection, the list of trusted root certification authorities (CAs) is updated by the Windows Update Server. If the server hosting the Access Manager role is disconnected from the internet, there is a 15 second delay, which is the timeout value for the updated list of authorities to be retrieved by the network. If the server is connected to the internet, no delay occurs. This behavior is as designed according to Microsoft.

Starting in Security Center 5.8, the Synergis™ Cloud Link might disconnect if the request timeout value between the Access Manager role and the appliance is lower than 15 seconds.

Workaround

To resolve this, make sure the server hosting the Access Manager role is connected to the internet or turn off Automatic Root Certificates Updates as follows:

  1. In Windows, click Start > Run, type gpedit.msc, and click OK.
  2. In the Local Group Policy Editor, go to Administrative Templates > System > Internet Communication Management > Internet Communication settings.
  3. Double-click Turn off Automatic Root Certificates Update and then click Enabled > OK.
  4. Close the Local Group Policy Editor.

More information

For more information, see Microsoft Knowledge Base article Event ID 8 — Automatic Root Certificates Update Configuration.