EDR Server: Error: NSS: client certificate not found (nickname not specified)
search cancel

EDR Server: Error: NSS: client certificate not found (nickname not specified)

book

Article ID: 287439

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

  • When running curl command for functions that use the HTTP server, the error below is received.  This can include other operations, not just mounting/unmounting SOLR cores:
[root@edr-server cbevents]# curl -XPOST -H "X-Auth-Token:<tokenid>" "https://edr-server.local/api/v1/storage/events/cbevents_<date>/mount" -k -v
curl: (52) NSS: client certificate not found (nickname not specified)

[root@edr-server cbevents]# curl -XPOST -H "X-Auth-Token:<tokenid>" "https://edr-server.local/api/v1/storage/events/cbevents_<date>/mount" -k -v
* About to connect() to edr-server.local port 443 (#0)
* Trying 127.0.0.1
* Connected to edr-server.local (127.0.0.1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=server
* start date: Aug 25 14:20:25 2016 GMT
* expire date: Aug 23 14:20:25 2026 GMT
* common name: server
* issuer: CN=server
> POST /api/v1/storage/events/cbevents_<date>/mount HTTP/1.1
> User-Agent: curl/7.29.0
> Host: edr-server.local
> Accept: */*
> X-Auth-Token:TokenID
>
< HTTP/1.1 500 INTERNAL SERVER ERROR
< Date: Tue, 15 Mar 2022 17:27:07 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 44
< Connection: keep-alive
< Strict-Transport-Security: max-age=31536000
< X-Content-Type-Options: nosniff
< Last-Modified: 2022-03-15 13:27:07.168908
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
< Pragma: no-cache
< Expires: -1
< Set-Cookie: session=02d4d251-4681-48a4-8570-faa488d4dd1d.hkchJv9gjlOQOiv7Vv7xKPN54d0; Expires=Tue, 15-Mar-2022 18:27:07 GMT; Secure; HttpOnly; Path=/
<
* Connection #0 to host edr-server.local left intact
Unhandled exception. Check logs for details.

Environment

  • EDR Server: All Supported Versions

Cause

  • Custom port is being used for Nginx Web API, as seen in /etc/cb/cb.conf:
NginxWebApiHttpPort=443

 

Resolution

  • Reflect this in the CURL command to resolve error:
curl -XPOST -H "X-Auth-Token:<tokenid>" "https://edr-server.local:8443/api/v1/storage/events/cbevents_<date>/mount" -k -v

 
Powered by Wolken Software