EDR: Unique SAN for Custom Certificates or Sensors Fail to Check-in
search cancel

EDR: Unique SAN for Custom Certificates or Sensors Fail to Check-in

book

Article ID: 287630

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

The Web UI was accessible but the sensors stopped connecting to the EDR server.

Environment

  • EDR Servers: 6.4.0 and Higher

Cause

The custom SSL certificates have the exact same FQDN value in the certificate SAN field.

Resolution

Use a unique FQDN for SAN values when implementing multiple custom certificates in the EDR environment.

Additional Information

  • SAN (Subject Alternative Name) values are inside the custom certificate¬†and identify the server's IP address, fully qualified domain name (FQDN) or email address.
  • The SAN can be viewed in the browser by clicking on the lock, select certificates and details.