CB Response: Sensors stop checking in after adding a server certificate via GUI
Article ID: 290374
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
All sensors show as offline
Some sensors are associated with the new certificate without any manual changes in group settings
/var/log/cb/nginx/access.log shows /reserve requests with 200 responses
/var/log/cb/nginx/access.log shows /checkin requests with 400 responses
Environment
CB Response Server: 6.4.0 and Higher
Cause
The server name associated with the server certificate contains an illegal character
Resolution
Update the server name associated with the certificate
Edit /var/cb/nginx/vhosts/server_2.conf
Update the value in server_name to remove the illegal characters. The replacement value itself does not matter
Save changes
Restart nginx
service cb-nginx restart
Additional Information
The server conf file may have a different number in its name. If there are multiple certificates, there will be multiple files, and each one needs to be checked for the wrong server name
SAN DNS entries must meet the standards for hostname formatting. Allowed characters include the hyphen and alphanumeric characters (a to z and 0 to 9)
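The check described above can be scripted across every server_N.conf file at once. The following is an added example, not vendor-supplied code: the function name bad_server_names and the sample files are constructed for illustration, and it assumes the dot is the only separator allowed between hostname labels, so any other form of server_name value is also listed for review.

```shell
#!/bin/sh
# Added example, not vendor code. Lists server_name values that contain
# characters outside a-z, 0-9 and hyphen (dot is treated as the label separator).

# bad_server_names [DIR] prints "file: name" for each offending value.
# DIR defaults to the vhosts directory named in this article.
bad_server_names() {
    dir=${1:-/var/cb/nginx/vhosts}
    for conf in "$dir"/server_*.conf; do
        [ -f "$conf" ] || continue
        # Strip comments, then inspect every name on a server_name directive.
        sed -e 's/#.*//' "$conf" | awk -v f="${conf##*/}" '
            $1 == "server_name" {
                for (i = 2; i <= NF; i++) {
                    name = $i
                    sub(/;$/, "", name)          # drop the directive terminator
                    if (name != "" && name ~ /[^A-Za-z0-9.-]/)
                        printf "%s: %s\n", f, name
                }
            }'
    done
}

# Constructed sample files (not taken from a real server) to show the output.
demo_dir=$(mktemp -d)
printf 'server {\n    listen 443 ssl;\n    server_name edr-01.example.com;\n}\n' \
    > "$demo_dir/server_1.conf"
printf 'server {\n    listen 443 ssl;\n    server_name edr_02.example.com;  # underscore\n}\n' \
    > "$demo_dir/server_2.conf"
bad_server_names "$demo_dir"
rm -rf "$demo_dir"
```

On the server, calling bad_server_names with no argument scans /var/cb/nginx/vhosts; an empty result means no server_name value was flagged.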