Carbon Black Cloud: cURL error 35 SEC_E_INVALID_TOKEN 0x80090308
search cancel

Carbon Black Cloud: cURL error 35 SEC_E_INVALID_TOKEN 0x80090308

book

Article ID: 291483

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

cURL is returning the following error:

curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_INVALID_TOKEN (0x80090308) - The token supplied to the function is invalid

 

Environment

  • Carbon Black Cloud Console: All supported versions
  • Carbon Black Cloud Sensor: All supported versions
  • Microsoft Windows: All supported versions

Cause

Not all the Digital Signature Algorithm (DSA) required to talk with to our backend are present.

Resolution

For TLS 1.3, we need at least one RSAE DSA:

RSAE-PSS/SHA256
RSAE-PSS/SHA384
RSAE-PSS/SHA512


For TLS 1.2, we need at least one RSA or RSAE DSA:

RSAE-PSS/SHA256
RSAE-PSS/SHA384
RSAE-PSS/SHA512
RSA/SHA256
RSA/SHA384
RSA/SHA1
RSA/SHA512

Consider comparing this registry on a working sensor with one that is not: 
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010003\Functions

WARNING: Backup the registry before making any changes

Additional Information

If you change the registry mentioned here, a reboot will be needed in order for it to take effect.
Powered by Wolken Software