App Control: CDC/SRS Connectivity Error: Could not establish trust relationship for the SSL/TLS secure channel
Article ID: 286489
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Error in Console
-
"Collective Defense Cloud / Bit9 Software Reputation Service Unavailable"
-
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Environment
- App Control Server: All Supported Versions
- Microsoft Windows Server: All Supported Versions
Cause
Missing certificates in the application server's trust store
Resolution
- Login to the App Control Server hosting with the Carbon Black Service Account
- Go to: https://services.bit9.com/Services/search.aspx
- Verify the certificate information by clicking the padlock icon and viewing the certificate information > Details tab > Copy to file
- Depending on the browser, these steps may be worded slightly differently
- Run > certlm.msc and verify the certificates are in Trusted Root Certification Authorities and Intermediate Certifications Authorities
- If missing, download via web browser and import into the application servers trust store
- Open an elevated command prompt to issue the following:
iisreset net stop parityserver net stop parityreporter net start parityserver net start parityreporter
Additional Information
App Control use Digicert signed certificates for SSL communication. Therefore the Digicert certificate must be present in the certificate trust store located on the App Control application server
Feedback
Yes
No
Powered by
