Jump to content

Teun Althuizen

Members
  • Content Count

    7
  • Joined

  • Last visited

Posts posted by Teun Althuizen

  1. The agent never connected to the ERA server, so there isn't any successfull connection to the ERA server.

     

    After some research I've found some error in the trace.log from the Agent on the ERA server.

    2016-11-24 10:52:44 Error: CAgentSecurityModule [Thread 7fb906bfd700]: Certificated user verification failed with: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain

    2016-11-24 10:52:44 Error: NetworkModule [Thread 7fb904dfa700]: Verify user failed for all computers: 127.0.0.1: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-24 10:52:44 Error: NetworkModule [Thread 7fb904dfa700]: Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations., ResolvedIpAddress:127.0.0.1, ResolvedHostname:, ResolvedPort:2222
    2016-11-24 10:52:44 Error: NetworkModule [Thread 7fb904dfa700]: Protocol failure for session id 1134, error:Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations.
    2016-11-24 10:52:44 Error: CReplicationModule [Thread 7fb883fff700]: CReplicationManager: Replication (network) connection to 'host: "127.0.0.1" port: 2222' failed with: Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations.
    2016-11-24 10:53:44 Error: CAgentSecurityModule [Thread 7fb906bfd700]: Certificated user verification failed with: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-24 10:53:44 Error: NetworkModule [Thread 7fb904dfa700]: Verify user failed for all computers: 127.0.0.1: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-24 10:53:44 Error: NetworkModule [Thread 7fb904dfa700]: Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations., ResolvedIpAddress:127.0.0.1, ResolvedHostname:, ResolvedPort:2222
    2016-11-24 10:53:44 Error: NetworkModule [Thread 7fb904dfa700]: Protocol failure for session id 1135, error:Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations.
    2016-11-24 10:53:44 Error: CReplicationModule [Thread 7fb883fff700]: CReplicationManager: Replication (network) connection to 'host: "127.0.0.1" port: 2222' failed with: Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations.
     
    So it seems the era agent on the server itself isn't even able to connect.
    Besides this I've check with nmap that port 2222 is open on the era server
  2. After a reinstall this is the error shown in the trace.log

    Besides this the status.html is showing an error in the peer certificate. (Before the reinstall this was ok)

    2016-11-23 12:36:01 Error: CAgentSecurityModule [Thread 27d4]: Certificated user verification failed with: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-23 12:36:01 Error: NetworkModule [Thread 331c]: Verify user failed for all computers: 10.31.1.250: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-23 12:36:01 Error: NetworkModule [Thread 331c]: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format., ResolvedIpAddress:10.31.1.250, ResolvedHostname:, ResolvedPort:2222
    2016-11-23 12:36:01 Error: NetworkModule [Thread 331c]: Protocol failure for session id 1, error:Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
    2016-11-23 12:36:01 Error: CReplicationModule [Thread 3228]: CReplicationManager: Replication (network) connection to 'host: "era.xebic.com" port: 2222' failed with: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
    2016-11-23 12:36:06 Error: CAgentSecurityModule [Thread 27d4]: Certificated user verification failed with: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-23 12:36:06 Error: NetworkModule [Thread 331c]: Verify user failed for all computers: 10.31.1.250: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-23 12:36:06 Error: NetworkModule [Thread 331c]: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format., ResolvedIpAddress:10.31.1.250, ResolvedHostname:, ResolvedPort:2222
    2016-11-23 12:36:06 Error: NetworkModule [Thread 331c]: Protocol failure for session id 2, error:Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
    2016-11-23 12:36:06 Error: CReplicationModule [Thread 3228]: CReplicationManager: Replication (network) connection to 'host: "era.xebic.com" port: 2222' failed with: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
  3. Servers trace.log isn't showing any error's, only 1 waring:

    2016-11-23 10:04:52 Warning: CDatabaseModule [Thread 7f1b67bf6700]: Dependability checks of underlaying layer failed with: The underlying unixodbc implementation has not support for multithreading.

     

    I've tried to create a new agent certificate, after this the following error appear in the trace.log.

    2016-11-23 10:20:20 Error: CServerSecurityModule [Thread 7f1b47fff700]: ParsePkcs12: Could not verify password (invalid password or corrupted pkcs12 structure)

    2016-11-23 10:20:20 Error: ConsoleApiModule [Thread 7f1aabfdf700]: 45 Error while sending CreatePeerCertificateAndPrivateKey request: ParsePkcs12: Could not verify password (invalid password or corrupted pkcs12 structure)

     

    Could it be the server certificate change because of the change from dynamic ip (lease bij firewall) to a static configure IP?

    OK
    Failed to create certificate: Creating and signing peer certificate failed. Check input parameters for invalid or reserved characters, check certification authority pfx/pkcs12 signing certificate and corresponding password.: Trace info: ParsePkcs12: Could not verify password (invalid password or corrupted pkcs12 structure)
  4. Thanks, that worked!

    I've change the port because we had some issues with the era agents.

    The eraserver is running version 6.4.304 with the agent 6.4.293 on CentOS 6.8

     

    All of a suddon the aren't connection anymore.

    Nmap show's port 2222 is open on the server.

     

    The trace.log from the client shows the following:

    2016-11-22 16:22:38 Error: CAgentSecurityModule [Thread 1d48]: Certificated user verification failed with: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-22 16:22:38 Error: NetworkModule [Thread 1754]: Verify user failed for all computers: 10.31.1.250: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-22 16:22:38 Error: NetworkModule [Thread 1754]: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format., ResolvedIpAddress:10.31.1.250, ResolvedHostname:, ResolvedPort:2222
    2016-11-22 16:22:38 Error: NetworkModule [Thread 1754]: Protocol failure for session id 327, error:Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
    2016-11-22 16:22:38 Error: CReplicationModule [Thread 1858]: CReplicationManager: Replication (network) connection to 'host: "era.xebic.com" port: 2222' failed with: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
    2016-11-22 16:23:38 Error: CAgentSecurityModule [Thread 1ee4]: Certificated user verification failed with: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-22 16:23:38 Error: NetworkModule [Thread 1754]: Verify user failed for all computers: 10.31.1.250: NodVerifyCertificateChain failed: NodVerifyTrustResult: 6, NVT_NotTrustedRoot, X509ChainStatus: 0x10000, X509CSF_PartialChain
    2016-11-22 16:23:38 Error: NetworkModule [Thread 1754]: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format., ResolvedIpAddress:10.31.1.250, ResolvedHostname:, ResolvedPort:2222
    2016-11-22 16:23:38 Error: NetworkModule [Thread 1754]: Protocol failure for session id 328, error:Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
    2016-11-22 16:23:38 Error: CReplicationModule [Thread 2614]: CReplicationManager: Replication (network) connection to 'host: "era.xebic.com" port: 2222' failed with: Receive: NodSslWriteEncryptedData: Incorrect/unknown certificate or key format.
  5. I can actually acces the loginscreen, after trying to login the errror "Login failed: Connection has failed with state 'Not connected'" displays.

     

    In the EraWebServerConfig.properties file the 2223 port is specified.

    The only thing I've change is the Webconsole port to port 2222.

    See Figure 1-5 at this page hxxp://support.eset.com/kb3701/

    Could is be that this specific setting is configured in another file?

     
    After a reboot the first error specified is this one:
    2016-11-22 14:18:39 Error: NetworkModule [Thread 7fb91fb8f700]: bind: Address already in use
×
×
  • Create New...