Endpoint Standard: Mirror server will not connect over HTTPS
search cancel

Endpoint Standard: Mirror server will not connect over HTTPS

book

Article ID: 291557

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

  • Mirror Servers will not update over HTTPS
  • Wireshark capture shows connection attempts to updates2.cdc.carbonblack.io using TLS 1.0 
  • 0 files downloaded

Environment

  • Carbon Black Cloud Console: All Versions
    • Endpoint Standard
  • Carbon Black Cloud Mirror Server Utility: v3.0
    • Microsoft Windows: All Supported Versions

Cause

As of February 2022, we now require TLS 1.2 for connections made to updates2.cdc.carbonblack.io

Resolution

Adding "--no-dns-resolve" to the command lines in the do_update_ssl.bat or update_defs_ssl.sh script ensures that TLS 1.2 will be used to make the connection. Example(s)
Linux
Linux -> retry ./avupdate.bin --mirror --no-dns-resolve --no-config --internet-srvs=https://updates2.cdc.carbonblack.io/update2…
Windows
upd.exe --mirror --no-dns-resolve --no-config --update-modules-list=VDF,AVE2 --master-file=/idx/master.idx --product-file=/idx/savapi4lib-win32-en.info.gz ...

 
 
Powered by Wolken Software