Error executing upgrade action with error code -99

Reply
Highlighted
L2 Linker

Error executing upgrade action with error code -99

Several Windows XDR Agents on 6.0.1 or 7.x and getting the following in the trapsd.log.  Attempting update to current release 7.1.1

(InstallUpdate):} <Error> Failed to verify upgrade package signature

 (InstallUpdate):} <Error> Error executing upgrade action with error code -99

 (InstallUpdate):} <Error> Agent action with ID 5adc67fce34d491a81b2bc3e8b0036d8 execution failed with -99

 

Has anyone else experienced this or know what error code -99 indicates.  Not found reference or discussion regarding this error code.


Accepted Solutions
Highlighted
L2 Linker

thanks for the reply @PBurns 
Actually while both I and my client were looking into this today (he has also had a case opened) and they mentioned some of the items (and others) that you mentioned, but none seem to be the trick.


What we did see, when I was looking in the trapsd.log in the Support Files collection, I found THIS URL:

https://panw-xdr-installers-prod-us.storage.googleapis.com/windows/7.1.1.49751 

Even though we had asked several times, there was no one that mentioned THIS one that we should make sure is whitelisted and not decrypted NGFW/PrismaAccess.  Once this was added to the other already included URL's the upgrades worked.

This appears to be a NEW URL that some clients may need to whitelist.  I am putting it here in the LIVEcommunity because it was not seen or identified in any documentation my client has been provided with, even though he explicitly asked if URL's other than the ones he been informed of earlier were required.


Hope this is helpful also to others as something to try, until PAN can put out additional documentation of what may need to be whitelisted.

View solution in original post


All Replies
Highlighted
L1 Bithead

I have not seen this particular error code, but we too, have had issues with upgrades. If you have tamper protect enabled, try disabling it. If not, Palo Alto support can review the support files for you, and, if needed, provide the XDR Cleaner tool to force uninstall the agent. 

 

The general fix seems to be:

1. Disable protection and tamper protect

2. Try Upgrade again.

3. If upgrades still fail, run the XDR Cleaner tool, reboot

4. Install fresh (may create a duplicate entry) 

Highlighted
L2 Linker

thanks for the reply @PBurns 
Actually while both I and my client were looking into this today (he has also had a case opened) and they mentioned some of the items (and others) that you mentioned, but none seem to be the trick.


What we did see, when I was looking in the trapsd.log in the Support Files collection, I found THIS URL:

https://panw-xdr-installers-prod-us.storage.googleapis.com/windows/7.1.1.49751 

Even though we had asked several times, there was no one that mentioned THIS one that we should make sure is whitelisted and not decrypted NGFW/PrismaAccess.  Once this was added to the other already included URL's the upgrades worked.

This appears to be a NEW URL that some clients may need to whitelist.  I am putting it here in the LIVEcommunity because it was not seen or identified in any documentation my client has been provided with, even though he explicitly asked if URL's other than the ones he been informed of earlier were required.


Hope this is helpful also to others as something to try, until PAN can put out additional documentation of what may need to be whitelisted.

View solution in original post

Highlighted
L2 Linker

I should update this post to state that we found the following (see step 4, ie: "...exclude Cortex XDR services from decryption...") that may have been updated a few days before this original post, but we were not aware of it at the time.

https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr...

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!