App Control: Download Failures Due to WinHttp Error[12029]
search cancel

App Control: Download Failures Due to WinHttp Error[12029]

book

Article ID: 289414

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Agents are showing with Approvals Out of Date or Yara Rules Out of Date
  • Agent is returning errors similar to:
    Error[Failed to obtain CL file[https://ServerAddress/hostpkg/pkg.php?pkg=configlistwithdeleteditems.xml.egk]: Error[WinHttpSendRequest Error[12029:]
    or
    Error[Failed to obtain file[https://ServerAddress/hostpkg/pkg.php?pkg=Yara.bt9]: Error[WinHttpReceiveResponse Error[12029:]

Environment

  • App Control Server: All Supported Versions
  • App Control Agent: All Supported Versions
  • Microsoft Windows; All Supported Versions

Cause

This error indicates that the endpoint has resolved the DNS name of the remote location, but cannot establish a connection with the remote location. Typically this happens when the port (such as 443) is blocked.

Microsoft defines this WinHttp Error[12029] as:
ERROR_WINHTTP_CANNOT_CONNECT: 12029
Returned if connection to the server failed.

Resolution

  1. Verify the Resource Download Location (RDL) specified is correct.
  2. Verify Port 443 to the RDL is open.
  3. Use PowerShell on the endpoint to test the connection:
    tnc -ComputerName ServerAddress -Port 443 -InformationLevel "Detailed"
  4. Log in to the endpoint encountering the error and use a browser to validate the file exists and can be downloaded (without error), example:
    https://ServerAddress/hostpkg/pkg.php?pkg=Yara.bt9
  5. Verify the Cipher Suites/Protocols enabled on the endpoint match those enabled on the application server.
  6. Manually import the problematic file on the endpoint (Yara, Configlist)