FortiGate database signature invalid on FGT 60F 7.2

nobox · ‎07-12-2022

For seven hours in my logs I have entries "Fortigate idsurldb signature is missing or invalid."
Does anyone have a similar problem ?
The rest of the updates download correctly
Fortigate 60F on 7.2 fw

nobox · ‎07-13-2022

looks like they fixed it

Malicious URLs ver: 4.00406 Last updated 2022/07/13

no update errors last 4h

View solution in original post

Markus_M · ‎07-12-2022

Hello nobox,

please run in the CLI the following:

diag debug console timestamp enable

diag debug app update -1

diag debug enable

exec update-now

This will show your support contract details and there you should see some "ISDB keywords that could help you.

Best regards,

Markus

nobox · ‎07-12-2022

hi, all contracts are OK

...

2022-07-12 19:27:05 update_status_obj[711]-MUDB contract expiry=Thu Nov 7 02:00:00 2024 level(6) alert(0)

...

but

...

2022-07-12 19:27:05 installUpdObjRest[946]-Step 10:Tell parent to respawn
2022-07-12 19:27:05 doInstallUpdatePackage[1023]-Full obj found for MUDB001
2022-07-12 19:27:05 doInstallUpdatePackage[1033]-Updating obj MUDB
2022-07-12 19:27:05 installUpdateObject[278]-Step 1:Unpack obj 5, Total=1, cur=0
2022-07-12 19:27:06 [331] ftnt_code_signing_verify_and_split:
2022-07-12 19:27:06 [282] __ftnt_code_signing_verify:
2022-07-12 19:27:06 [56] __dump_ctx: CS INFO: 544e544601000c8f012c5e0c683b29
2022-07-12 19:27:06 [59] __dump_ctx: Sig len: 3215
2022-07-12 19:27:06 [60] __dump_ctx: Raw len: 8284378
2022-07-12 19:27:06 [194] __cms_verify: Verification failed.
2022-07-12 19:27:06 [196] __cms_verify: error:2E09A09E:CMS routines:CMS_SignerInfo_verify_content:verification failure
2022-07-12 19:27:06 [196] __cms_verify: error:2E09D06D:CMS routines:CMS_verify:content verify error
2022-07-12 19:27:06 __upd_obj_signature_split[2874]-Signature verify and split failed, result=1.
2022-07-12 19:27:06 installUpdateObject[302]-Failed signature verifying for obj 5, ret=-1, forced=1, len=8287609

...

2022-07-12 19:27:09 upd_install_pkg[1398]-AVEN031 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-AVDB002 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-AVDB007 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-AVDB019 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1424]-FCNI000(fcni) installed successfully
2022-07-12 19:27:09 upd_install_pkg[1424]-FDNI000(fdslist) installed successfully
2022-07-12 19:27:09 upd_install_pkg[1424]-FSCI000(contract) installed successfully
2022-07-12 19:27:09 upd_install_pkg[1398]-FLEN078 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-FLEN050 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-FLDB002 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-NIDS026 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1434]-Failed to install MUDB001(idsurldb) result=(-5,2).
2022-07-12 19:27:09 upd_install_pkg[1398]-APDB001 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1404]-ISDB001 is unauthorized
2022-07-12 19:27:09 upd_install_pkg[1404]-IOTD001 is unauthorized
2022-07-12 19:27:09 upd_install_pkg[1404]-IOTD002 is unauthorized
2022-07-12 19:27:09 upd_install_pkg[1398]-CIDB000 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-IPGO000 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-FFDB009 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-UWDB001 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-CRDB000 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-MMDB001 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-DBDB001 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1404]-SFAS000 is unauthorized
2022-07-12 19:27:09 upd_install_pkg[1398]-MCDB001 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1424]-ALCI000(alci) installed successfully
2022-07-12 19:27:09 upd_install_pkg[1398]-MADB001 is up-to-date
2022-07-12 19:27:09 upd_install_pkg[1398]-AFDB001 is up-to-date
2022-07-12 19:27:09 upd_status_save_status[131]-try to save on status file
2022-07-12 19:27:09 upd_status_save_status[197]-Wrote status file
2022-07-12 19:27:09 __upd_act_update[316]-Failed installing pkg
2022-07-12 19:27:09 upd_comm_disconnect_fds[500]-Disconnecting FDS 173.243.140.6:443

MarianoM-KI · ‎09-07-2022

Hello Markus

I have an FG 81E FW v7.2.1, I have been receiving alerts for the following message "Fortigate dnsbot signature is missing or invalid"

Mariano M

parteeksharma · ‎09-09-2022

Dear MarianoM-KI,

The error message sometimes appears if the device unable to update the "Botnet Domain Database" from Fortiguard server. Could you try to check if you have connectivity to Fortiguard server and if on dashboard any error you are getting "Unable to connect Fortiguard server" ?

Also please try to check if Botnet domain database update is installed or if any error you get for "Botnet Domain Database" by using command below:
diagnose autoupdate versions

If any error you get for "Botnet Domain Database", kindly check and try to update it manually and let us know if it works:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Botnet-Domain-Database-shows-version-0-000...

Regards,
Parteek

LGPMPLS-NSE7 · ‎09-14-2022

This issue has been resolved as a bad DB signature that was replaced and the error messages then stopped

LGPMPLS-NSE7 · ‎07-12-2022

Same here, worked with FGT support today, I thought I had it resolved, in the end, after manually updating all databases and restarting device, it came back. I am getting tons of logs with the error. Hopefully a resolution soon.

pdatic · ‎07-13-2022

I'm having the exact same problem on fg200e 7.2 FW

Log Description - FortiGate database signature invalid.

Message - Fortigate idsurldb signature is missing or invalid.

Dojo · ‎07-13-2022

I have the same on 80E 7.2 FW

hustlin · ‎07-13-2022

Exactly the same on FG200E and FG100D (both 7.2) since yesterday morning (12th of July). The worst thing is that FortiGate support has no clue and makes typical troubleshooting like checking routing, DNS, connectivity.