App Control: Upgrade Did Not Start After Download Error When Upgrading Agents
search cancel

App Control: Upgrade Did Not Start After Download Error When Upgrading Agents

book

Article ID: 290653

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Upgrade errors returned to Console similar to: 
    Agent upgrade: Failed executing Installer[C:\ProgramData\Bit9\Parity Agent\ParityHostAgent.msi] Cmdline[/qN /i "C:\ProgramData\Bit9\Parity Agent\ParityHostAgent.msi" /l*v+ "\\?\globalroot\device\harddiskvolume4\programdata\bit9\parity agent\logs\ParityHostAgentInstall_TIMESTAMP.log"]. Upgrade did not start after download.
  • Events with the SubType New unapproved file to computer similar to: 
    Computer computer discovered new file c:\programdata\bit9\parity agent\parityhostagent.msi [HASH].

Publisher[Carbon Black, Inc. (IneligibleForApproval: CounterChainIdx[1] CertId[528] ValidationError[01010040:CERT_TRUST_REVOCATION_STATUS_UNKNOWN:CERT_TRUST_IS_PARTIAL_CHAIN:CERT_TRUST_IS_OFFLINE_REVOCATION])]

Environment

  • App Control Agent: All Supported Versions
  • App Control Console: All Supported Versions
  • Microsoft Windows: All Supported Versions

Cause

The endpoint(s) were unable to communicate with the remote Certificate Authority to complete validation of the Counter Chain certificates.

Resolution

Option 1: Approve Counter Chain Certificates
  1. Log in to the Console and temporarily disable Agent Upgrades in System Configuration > Advanced Options.
  2. Manually issue an approval of the Counter Chain Certificates.
  3. Wait for endpoints to receive the Configlist changes before enabling Agent Upgrades and attempting the upgrade again.

Option 2: Create A File Rule
  1. Log in to the Console and temporarily disable Agent Upgrades in System Configuration > Advanced Options.
  2. Get the SHA256 of the ParityHostAgent.msi file from the application server hosting the Console. By default this is located in: 
    C:\Program Files (x86)\Bit9\Parity Server\hostpkg\
  3. Navigate to Rules > Software Rules > Files
  4. Click Add File Rule and use the following details:
    • Rule Name: Agent <VERSION> Upgrade
    • Rule Type: Approval
    • Hash Value: <HASH>
    • Policies: All Current and Future Policies
  5. Click Save & Exit
  6. Wait for endpoints to receive the Configlist changes before enabling Agent Upgrades and attempting the upgrade again.
Powered by Wolken Software