Disconnected Agent Due To WinHTTP Communication Error 12175
search cancel

Disconnected Agent Due To WinHTTP Communication Error 12175


Article ID: 286464


Updated On:


Carbon Black App Control (formerly Cb Protection)


  • Agent shows as Disconnected in the Console.
  • Disconnected Agent Logs generates a Trace.bt9 file which includes:
    Server Communication: WinHTTPCommunication Error: 12175


  • App Control Server: All Supported Versions
  • App Control Agent: All Supported Versions
  • Microsoft Windows: All Supported Versions


Microsoft defines the WinHttpSendRequest Error[12175] as:

One or more errors were found in the Secure Sockets Layer (SSL) certificate sent by the server.


  1. Confirm the Server Certificate in Settings > System Configuration > Security is not expired, and formatted correctly.
    • Common Name shown should match Server Address from the General tab.
    • Expiration Date should be in the future.
    • A matching Certificate should be listed in the Trusted Communication Certificates list at the bottom of the Security tab, and Trusted.
    • If necessary, Replace the Server Certificate.
  2. Confirm whether Certificate Verification has been enabled:
  3. Confirm the Agent's current Server Address matches the Common Name on the Server Certificate:
    1. Use dascli status or b9cli --status accordingly:
      cd "C:\Program Files (x86)\Bit9\Parity Agent"
      dascli status

      cd /opt/bit9/bin
      ./b9cli --status

      cd /Applications/Bit9/Tools/
      ./b9cli --status
    2. In the returned output, locate: Server Information > Server and note the address.
    3. Compare against the Common Name of the Server Certificate.
    4. If there is a mismatch, either update the Server Address on the Agent or use a Subject Alternative Name on the Server Certificate.
  4. Confirm the endpoint and application server posses a matching Cipher Suite & Protocol.

If the issue persists, open a case with Support and provide the Disconnected Agent Logs.

Additional Information

  • If using a certificate issued by a Certificate Authority: Confirm the Agents have the Root or Intermediate Certificate in Local Computer > Trusted Root Certification Authorities > Certificates.
  • For Windows 2012 machines, the Agent will not connect to the Console if the 'P521 curve ciphers' are not enabled on the App Control Server. Otherwise, the 'P521 curve ciphers' need to be disabled on Windows 2012 machines