EDR: Unique SAN for Custom Certificates or Sensors Fail to Check-in
book
Article ID: 287630
calendar_today
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
The Web UI was accessible but the sensors stopped connecting to the EDR server.
Environment
EDR Servers: 6.4.0 and Higher
Cause
The custom SSL certificates have the exact same FQDN value in the certificate SAN field.
Resolution
Use a unique FQDN for SAN values when implementing multiple custom certificates in the EDR environment.
Additional Information
SAN (Subject Alternative Name) values are inside the custom certificate and identify the server's IP address, fully qualified domain name (FQDN) or email address.
The SAN can be viewed in the browser by clicking on the lock, select certificates and details.