• After upgrading to, or installing, Linux Agent version 8.8.4 the Agent becomes disconnected and will not connect to the Server
• Using the authenticated b9cli command --configprops | grep winhttp confirms winhttp_secure_protocol_flags is set to something other than 0x0, example:

  /opt/bit9/bin/b9cli --password GlobalPasswordHere
  /opt/bit9/bin/b9cli --configprops | grep winhttp
  
  Example Returned Output:
  190. winhttp_secure_protocol_flags=0xAA0

The full resolution will require two steps, Step 1 will resolve any future agent upgrades and Step 2 is needed for any agents already upgraded to 8.8.4

1. Remove or Disable the Agent Config Prop:
   1. Log in to the Console and navigate to https://ServerAddress/Agent_config.php
   2. Click Show Filters > Value > contains: winhttp_secure_protocol_flags
   3. Click Apply.
   4. Disable/Delete the resulting Agent Config:
      
      • This Agent Config is no longer necessary as Agents are designed to rely on the OS to negotiate Cipher Suites & Protocols
   5. Manually regenerate the Agent Installers to immediately update installation files with the changes.
   6. Any agent that is upgraded after Step 1 is complete will successfully connect to the server
2. Manually fix the existing 8.8.4 Agents
   1. Uninstall the existing Agent
   2. Install the Agent using the updated Policy Installer generated from Step 1
      • Warning: Failure to use a New Policy installer for the install and instead using an older version will result in the same disconnected agent issue again
   3. Verify Agent shows as Connected in the Console after the re-install

• Using Dascli or b9cli to Issue Agent Commands
• Supported Cipher Suites & Protocols
• Manage Agent Config