Download Failures or Disconnected Agents Due To WinHttpSendRequest Error 12007
book
Article ID: 286443
calendar_today
Updated On: 02-11-2025
Products
Carbon Black App Control (formerly Cb Protection)
Show More
Show Less
Issue/Introduction
Agent is showing as Disconnected or is unable to download files from the RDL URL.
Disconnected Agent Logs reveal messages similar to the following in the Trace.bt9 file:
Server Communication: WaitForResponse End: m_bIsSleeping[0] IsSleeping[0] GetHttpStatus[0] GetWinHttpError[12007] GetSslError[0] DataAvailable[0]
Server Communication: WaitForResponse: WAIT_OBJECT_DATA_AVAILABLE_EVENT
Server Communication: WinHTTP communication error: 12007
Environment
App Control Server: All Supported Versions
App Control Agent: All Supported Versions
Microsoft Windows: All Supported Versions
Cause
Microsoft defines the WinHttpSendRequest Error[12007] as:
ERROR_WINHTTP_NAME_NOT_RESOLVED: 12007
The server name cannot be resolved.
Typically this happens when a networking issue is preventing the endpoint from resolving the Server Address:
This error can also appear as Error[00002EE7]
Resolution
Use a command prompt to issue the following commands:
cd "C:\Program Files (x86)\Bit9\Parity Agent"
dascli serverExample Output: Current server: appcontrol.domain.com:41002
If the Current Server returned does not match the Server Address in the Console, either:
Verify the Download Location settings in the Console:
Log in to the Console and navigate to Settings > System Configuration > Advanced Options.
Verify the settings in Resource Download Location and Certificate Download Location.
If necessary, reset to defaults:
Resource Download Location Default: https://**ServerIP**/hostpkg/pkg.php?pkg=Certificate Download Location Default: https://**ServerIP**/packages/Note: **ServerIP** is a wildcard for the full Server Address as seen in the Console.
More details: Update Resource Download Location or Certificate Download Location
Attempt to connect to that Server Address via the PowerShell command on Port 41002 (communication) and Port 443 (downloads), example:
tnc -ComputerName appcontrol.domain.com -Port 41002 -InformationLevel "Detailed" tnc -ComputerName appcontrol.domain.com -Port 443 -InformationLevel "Detailed"
If a Proxy is in use, verify the 32-bit netsh is configured with a Bypass for the Server Address:
C:\Windows\SysWOW64\netsh.exe winhttp show proxy
Attempt a winsock reset, then reboot the endpoint:
C:\Windows\SysWOW64\netsh.exe winsock reset
If the issue persists , open a case with Support and provide the Disconnected Agent Logs with a Wireshark/Packet Capture.
Feedback
Was this article helpful?
thumb_up
Yes
thumb_down
No