CB Response: Cannot Use Blank Username or Password for Email Relay
search cancel

CB Response: Cannot Use Blank Username or Password for Email Relay

book

Article ID: 284956

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

  • Cannot use a blank username or password when entering in email settings :
    • User-added image

Environment

  • CB Response Server: 6.2.4 and lower

Cause

  • There is a requirement for username and password to be entered on earlier CB Response Server versions.

Resolution

Workaround :
  1. Gather the current output by running this command on the CB Response backend. Your API token can be found in your user profile in the Response console.
curl -v --tlsv1.2 -XGET -H "X-Auth-Token:<USER_API_TOKEN>" -H "Content-Type: application/json" "https://localhost/api/communication_settings" -k
  1. Use this output to fill in the information to update the API.
  2. Copy that full output and put into this post command, changing the email information you need and leaving the "smtp_password": null and "smtp_username": null. All other info should remain the same unless it's being updated.
curl -v --tlsv1.2 -XPOST -H "X-Auth-Token:<USER_API_TOKEN>" -H "Content-Type: application/json" "https://localhost/api/communication_settings" -k -d '{<output here>}'
  • As an example, this is how it will look:
curl -v --tlsv1.2 -XPOST -H "X-Auth-Token:<USER_API_TOKEN>" -H "Content-Type: application/json" "https://localhost/api/communication_settings" -k -d '{"smtp_connection_type": null, "statistics": false, "smtp_password": null, "timestamp": "2019-03-18 09:17:11.027580-07:00", "smtp_port": 25, "enabled": true, "smtp_server": 192.168.108.111, "deprecated_community_metadata_only": "off", "ondemand_diagnostics": false, "sensor_diagnostics_mode": 0, "silent": true, "community_participation": false, "mail_server_type": "own", "proxy_url": null, "smtp_username": null, "use_proxy": false}'
  • ​​​​​​The full output must be given in order for the settings to apply properly.
  1. Restart the server services, this will reset the email cache
service cb-enterprise restart

 

Additional Information

  • If the error below is encountered when running Curl commands above, ensure that you use the appropriate Web UI port.  The Web UI Port can be found in the /etc/cb/cb.conf file: 
[root@CB ~]# curl -v --tlsv1.2 -XGET -H "X-Auth-Token:<Redacted> " -H "Content-Type: application/json" "https://localhost/api/communication_settings" -k
* About to connect() to localhost port 443 (#0)
* Trying 127.0.0.1... connected
* Connected to localhost (127.0.0.1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* NSS: client certificate not found (nickname not specified)
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
* subject: CN=server
* start date: Nov 06 19:20:04 2015 GMT
* expire date: Nov 03 19:20:04 2025 GMT
* common name: server
* issuer: CN=server
> GET /api/communication_settings HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: localhost
> Accept: */*
> X-Auth-Token:<Redacted>
> Content-Type: application/json
>
* Empty reply from server
* Connection #0 to host localhost left intact
curl: (52) NSS: client certificate not found (nickname not specified)
* Closing connection #0
  • The Curl command would look like this if the WebUI Port was 8443 for example : 
curl -v --tlsv1.2 -XGET -H "X-Auth-Token:<Redacted> " -H "Content-Type: application/json" "https://localhost:8443/api/communication_settings" -k