Download Failures or Disconnected Agents Due to WinHttpSendRequest Error 12029

search cancel

Download Failures or Disconnected Agents Due to WinHttpSendRequest Error 12029

book

Article ID: 289414

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Endpoint symptoms may include:
- Using dascli status the result includes:
```
Connection: Disconnected
Session: Inactive
```
- Disconnected Agent Logs reveal messages similar to the following in the Trace.bti9 file:
```
Server Communication: WinHTTP communication error: 12029
```

Results in Console may include:

Agents are showing with Approvals Out of Date or Yara Rules Out of Date

Agent is returning errors similar to:

Error[Failed to obtain CL file[https://ServerAddress/hostpkg/pkg.php?pkg=configlistwithdeleteditems.xml.egk]: Error[WinHttpSendRequest Error[12029:]
or
Error[Failed to obtain file[https://ServerAddress/hostpkg/pkg.php?pkg=Yara.bt9]: Error[WinHttpReceiveResponse Error[12029:]

Environment

App Control Console: All Supported Versions
App Control Agent: All Supported Versions
Microsoft Windows: All Supported Versions

Cause

Microsoft defines the WinHttpSendRequest Error[12029] as:

ERROR_WINHTTP_CANNOT_CONNECT: 12029
Returned if connection to the server failed.

This error indicates that the endpoint has resolved the DNS name of the remote location, but cannot establish a connection with the remote location. Typically this happens when the port (41002, 443) is blocked or there is a mismatch in the Cipher Suites.

Resolution

Test the Agent Network Connectivity for the Server Address and/or Resource Download Location accordingly.
- Firewalls may block the connection on required ports (41002 for communication, 443 for file downloads)
- In some instances a Proxy Bypass (or SSL Inspection Bypass) may be required.
Verify a matching Cipher Suite & Protocol exists between the endpoint and application server.
- A matching set of Protocols and Cipher Suites must exist between the endpoints and the application server.
- Troubleshooting TLS Protocols or Cipher Suites
- Supported Cipher Suites & Protocols
Log in to the endpoint encountering the error and use a browser to validate the requested file exists and can be downloaded (without error), example:
```
https://ServerAddress/hostpkg/pkg.php?pkg=Yara.bt9
```
Manually import the problematic file on the endpoint (Yara, Configlist, TrustedCertList or Keychain)

Feedback

thumb_up Yes

thumb_down No