Control Compliance Suite - Handshake error occurred while authenticating the agent

Article ID: 169671

Products

Control Compliance Suite Exchange
Control Compliance Suite Windows
Control Compliance Suite
Control Compliance Suite Standards Server

Issue/Introduction

When running a standard on a CCS 11.x agent, you could receive the following error message (with possible variations):
Handshake error occured while authenticating the agent <agent_name>. The authentication error is -1.

Cause

The first error is the following:

“Handshake error occured while authenticating the agent <agent_name>. The authentication error is -1.”

Short answer: this error occurs when the secret stored for the agent in the agent.agent table does not match the secret in the C:\Program Files (x86)\Symantec\Enterprise Security Manager\ESM\system\<hostname>\db\agtcert.dat file on the agent.

When a CCS agent is registered to a manager for RBC, the agtcert.dat file is updated with the secret key, which is also passed to the .xml file on the manager for use when the Fetch agent job is performed. When the xml is fetched from the manager, the secret is updated in the agent.agent table along with the rest of the agent information in the xml.

If the secret in the agent.agent table does not match the secret in the agtcert.dat file, you will get the following error in the Communication log tab on the agent:

“Handshake error occured while authenticating the agent <agent_name>. The authentication error is -1”

If the agtcert.dat file on the agent does not exist, or it has a new secret that has not yet been registered back with the manager, you will get the following error:

“Handshake error occured while authenticating the agent <agent_name>. The authentication error is -6”

If the secret hash in the agtcert.dat file is corrupt and HAS been registered to the manager, the .xml file on the manager will have an empty secret field. When the Fetch agent job is run, that xml updates the agent information in the agent.agent table, but the secret will be empty. If that happens and you try to run a DC on the agent, you will get the following:

“Handshake error occured while authenticating the agent <agent_name>. The authentication error is -3”

Resolution

The fix for all of these errors is to re-register the agent with the manager. After registering the agent, you must then run the "Fetch Registered Agents" job.