DLP Agent is not reporting to Endpoint Prevent Server. Ping and telnet from the agent to the Endpoint Prevent server are working fine.
The EDPA logs at FINEST level show the following error:
08/25/2021 02:15:12 | 18244 | FINEST | Communication.CurlTransportLayer | Clearing DNS cache as FAILURE_TO_CONNECT error occurred
08/25/2021 02:15:12 | 18244 | FINEST | Communication.CurlTransportLayer | TransportDisconnectionInformation [DisconnectReason: FAILURE_TO_CONNECT, TransportErrorCode: SERVER_REFUSED_CONNECTION, ErrorMessage:Libcurl Error: '35'. Error Message: SSL connect error. Last Error String: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to x.x.x.x:10443
The Endpoint Server aggregator logs contain many SSL handshake failure errors, as follows:
File: SymantecDLPLogs/Endpoint_Detection/logs/debug/Aggregator0.log
Date: 8/26/2021 4:02:11 PM
Class: com.symantec.dlp.communications.common.activitylogging.JavaLoggerImpl
Method: log
Level: WARNING
Message:
javax.net.ssl.SSLHandshakeException: null cert chain
All the machines on the corporate network are facing the issue.
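It was found that an SSL machine called "Webkeeper" had been deployed on the office network. This machine was performing SSL decryption on the traffic between the DLP agent and the Endpoint Prevent Server, which broke the SSL handshake between them. The "null cert chain" exception on the server side means the connecting client presented no certificate during the handshake.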
Adding exceptions for DLP on the SSL machine fixed the issue.
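To separate this failure mode (TCP connects, TLS handshake fails) from an ordinary connectivity problem, the agent log can be triaged by libcurl error code. The following is an added example, not Symantec tooling or part of the original article; the function names are hypothetical and the third sample line is constructed for contrast.

```python
import re
from collections import Counter

# EDPA line layout as shown above: timestamp | thread | level | component | message
LINE_RE = re.compile(r"^(?P<ts>[\d/]+ [\d:]+) \| \d+ \| \w+ \| (?P<comp>[\w.]+) \| (?P<msg>.*)$")
DISCONNECT_RE = re.compile(
    r"DisconnectReason: (?P<reason>\w+), TransportErrorCode: (?P<code>\w+), "
    r"ErrorMessage:Libcurl Error: '(?P<curl>\d+)'")
ENDPOINT_RE = re.compile(r"in connection to (?P<endpoint>[^\s\]]+)")
CURLE_SSL_CONNECT_ERROR = 35  # libcurl: failure during the SSL/TLS handshake

# First two lines are the ones quoted in the article; the third is constructed
# (TCP-level failure, libcurl 7 = CURLE_COULDNT_CONNECT) to show the contrast.
SAMPLE_LOG = """\
08/25/2021 02:15:12 | 18244 | FINEST | Communication.CurlTransportLayer | Clearing DNS cache as FAILURE_TO_CONNECT error occurred
08/25/2021 02:15:12 | 18244 | FINEST | Communication.CurlTransportLayer | TransportDisconnectionInformation [DisconnectReason: FAILURE_TO_CONNECT, TransportErrorCode: SERVER_REFUSED_CONNECTION, ErrorMessage:Libcurl Error: '35'. Error Message: SSL connect error. Last Error String: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to x.x.x.x:10443
08/25/2021 02:20:40 | 18244 | FINEST | Communication.CurlTransportLayer | TransportDisconnectionInformation [DisconnectReason: FAILURE_TO_CONNECT, TransportErrorCode: SERVER_REFUSED_CONNECTION, ErrorMessage:Libcurl Error: '7'. Error Message: Couldn't connect to server.
""".splitlines()


def parse_disconnects(lines):
    """Return one record per TransportDisconnectionInformation entry."""
    records = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        d = DISCONNECT_RE.search(m["msg"]) if m else None
        if not d:
            continue  # not a disconnect record (or not an EDPA-format line)
        ep = ENDPOINT_RE.search(m["msg"])
        records.append({"ts": m["ts"], "reason": d["reason"], "code": d["code"],
                        "curl": int(d["curl"]), "endpoint": ep["endpoint"] if ep else None})
    return records


def tls_handshake_failures(lines):
    """Count failures that happened during the TLS handshake, per server endpoint."""
    return Counter(r["endpoint"] for r in parse_disconnects(lines)
                   if r["curl"] == CURLE_SSL_CONNECT_ERROR)


if __name__ == "__main__":
    for endpoint, n in tls_handshake_failures(SAMPLE_LOG).items():
        print(f"{endpoint}: {n} TLS handshake failure(s); "
              "check for an SSL-decrypting device on the path")
```

A non-empty result while ping and telnet to the same port succeed matches the situation described in this article.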