App Control: New Certificates and Publishers Not Being Processed
search cancel

App Control: New Certificates and Publishers Not Being Processed

book

Article ID: 286698

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • New certificates not found under Assets > Certificates
  • Delay in certificates appearing under Assets > Certificates
  • New Publishers not found under Rules > Software Rules > Publishers tab
  • Delay in Publishers appearing under Rules > Software Rules > Publishers tab
  • Last Validation Date for the certificate is more than a week old

Environment

  • App Control Server: 8.0.0 - 8.8.0

Cause

The logic of the "GetNextCertificateBatchToValidate" stored procedure is not setup to process certificates in order based on their next validation time, so reprocessing of failed certs its taking priority.

Resolution

The resolution to this was included in the release of Server version 8.8.2 and can be resolved by upgrading to the latest version.:
  • EP-8346: Certificate validation is now ordered to consider certificates that are yet to be validated and with the next validation time stamp.

Additional Information

  • Query to see pending certificates: 
    use das;
SELECT c.cert_id, c.next_validation_time 
FROM dbo.certificates c WITH(NOLOCK) 
INNER JOIN dbo.certificate_binary b WITH(NOLOCK) ON c.cert_id = b.cert_id 
WHERE c.next_validation_time < DATEADD(hh, -1, GETUTCDATE());
Powered by Wolken Software