
SSL Cert error from Linux hosts testing https://edr-usmv.usm.endpoint.security.microsoft.us/edr/commands/test

JohnSebastian-3934 581 Reputation points
2026-01-13T16:53:14.98+00:00

Security Center is generating this message for my Linux hosts:

Fix Microsoft Defender for Endpoint impaired communications for Linux

If I go to the resources on this I see this description:

Fix Microsoft Defender for Endpoint impaired communications for Linux

Remediation required

Description

This status indicates that there's limited communication between the machine and the Microsoft Defender for Endpoint service.

The Remediation Options tab sends me to a troubleshooting page that has scant troubleshooting advice. However, it does suggest using this command from the Linux host:

mdatp connectivity test

When I run that, I'm getting this error:

    $ mdatp connectivity test
    Testing connection with https://nf.smartscreen.microsoft.com/api/network/mac ... [OK]
    Testing connection with https://x.cp.wd.microsoft.com/api/report ... [OK]
    Testing connection with https://go.microsoft.com/fwlink/?linkid=2144709 ... [OK]
    Testing connection with https://edr-usmv.usm.endpoint.security.microsoft.us/edr/commands/test ... [ERROR]
        SSL peer certificate or SSH remote key was not OK
        HTTP response: 0

It's also very confusing because under the original Secure Score for this problem, it says last seen on 12/24/25, but there does appear to be the above error.

I need some advice on how to interpret all of this conflicting information and how to fix the underlying SSL peer certificate or SSH remote key was not OK problem.

Microsoft Security | Microsoft Defender | Other

1 answer

  1. AI answer

    2026-01-13T16:53:25.96+00:00

    The error message you are encountering, "SSL peer certificate or SSH remote key was not OK," indicates that there is an issue with the SSL certificate validation when your Linux host attempts to connect to the specified Microsoft Defender for Endpoint service URL. Here are some steps to help you troubleshoot and potentially resolve this issue:

    1. Check Certificate Validity: Ensure that the SSL certificate for the endpoint is valid. You can do this by running the following command to inspect the certificate:
         openssl s_client -connect edr-usmv.usm.endpoint.security.microsoft.us:443
      
      This command will provide details about the certificate, including its validity period and issuer.
    2. Verify CA Certificates: Make sure that the root CA certificate for the SSL certificate used by the endpoint is installed on your Linux host. If the certificate is not trusted, you may need to install the appropriate CA certificate.
    3. Check for Proxy Interference: If your network uses a proxy, ensure that it is not interfering with SSL connections. Corporate proxies can sometimes perform SSL inspection, which can lead to certificate validation issues. If SSL inspection is in place, consider adding the endpoint to the allowlist or configuring exceptions.
    4. Run Connectivity Test: After checking the certificate and proxy settings, run the connectivity test again using:
         mdatp connectivity test
      
      This will help you determine if the issue persists after making changes.
    5. Firewall Rules: Verify that your firewall rules allow outbound connections to the necessary Microsoft Defender for Endpoint URLs and that there are no other services blocking the connection.

    If you continue to experience issues, you may need to consult with your network administrator or Microsoft support for further assistance.
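
As an added example (not part of the answer above and not Microsoft tooling), these shell functions interpret the `Verify return code` line that the `openssl s_client` command from step 1 prints and extract the issuer, so a missing root CA, TLS inspection and a clock problem can be told apart. The sample output, its host name and CA name are constructed, and the cause text per code is this example's own summary.

```shell
#!/usr/bin/env bash
# Interpret `openssl s_client` output. Live use (needs network):
#   openssl s_client -connect HOST:443 -servername HOST </dev/null 2>&1 | diagnose_tls

# Map an OpenSSL verify code to the likely client-side cause (our summary).
explain_code() {
  case "$1" in
    0)  echo "chain trusted by this host's CA store" ;;
    9)  echo "certificate not yet valid: check the host clock" ;;
    10) echo "certificate expired: check the host clock, then the chain" ;;
    18) echo "leaf certificate is self-signed" ;;
    19) echo "untrusted root in chain: TLS inspection or missing root CA" ;;
    20|21) echo "issuer not in local CA store: install or update CA bundle" ;;
    *)  echo "unrecognized verify code" ;;
  esac
}

# Read s_client output on stdin; print "<code>|<issuer>|<explanation>".
# Returns 0 only when verification succeeded.
diagnose_tls() {
  local out code issuer
  out=$(cat)
  code=$(printf '%s\n' "$out" |
    sed -n 's/^ *Verify return code: \([0-9][0-9]*\).*/\1/p' | head -n 1)
  issuer=$(printf '%s\n' "$out" | sed -n 's/^ *issuer=//p' | head -n 1)
  if [ -z "$code" ]; then
    printf '%s\n' "none|${issuer}|no verify result: handshake did not complete"
    return 2
  fi
  printf '%s\n' "${code}|${issuer}|$(explain_code "$code")"
  [ "$code" -eq 0 ]
}

# Constructed sample: what s_client prints when a proxy re-signs the session
# with a CA this host does not trust (names are placeholders).
SAMPLE_INSPECTED='CONNECTED(00000003)
---
Certificate chain
 0 s:CN = edr.example.invalid
   i:CN = Example Corp Inspection CA
---
subject=CN = edr.example.invalid
issuer=CN = Example Corp Inspection CA
---
    Verify return code: 19 (self-signed certificate in certificate chain)'

printf '%s\n' "$SAMPLE_INSPECTED" | diagnose_tls || true
```

Compare the printed issuer with the one seen from a host on an uninspected network; a different issuer on the affected host points at an intermediary rather than at the local CA bundle.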

