Environment
- App Control Console: All Supported Versions
- App Control Agent: All Supported Versions
Symptoms
Cause
Microsoft
defines the WinHttpSendRequest Error[12030] as:
12030: ERROR_WINHTTP_CONNECTION_ERROR
The connection with the server has been reset or terminated, or an incompatible SSL protocol was encountered.
Resolution
- Verify traffic between the endpoint and the Resource Download Location (RDL) is not blocked by the firewall.
- A matching set of Protocols and Cipher Suites must exist between the endpoints and the application server.
- No settings for TLS/Cipher Suites are available in App Control and all configuration must be done at the OS layer.
- Typically these modifications must be done via the Registry or GPO, but a tool (such as IIS Crypto) may make it easier.
- Assistance in editing the TLS & Cipher Suites in the Operating System may require support from Microsoft.
- Temporarily change the RDL to use http instead of https:
- Log in to the Console and navigate to System Configuration > Advanced Settings > Edit.
- Modify the RDL from https to http
Default: https://**ServerIP**/hostpkg/pkg.php?pkg=
Modified: http://**ServerIP**/hostpkg/pkg.php?pkg=
- Save the changes and allow the Agent(s) to complete the download & upgrade.
- Revert the changes to the RDL.
- Use a 3rd party application (such as SCCM) to complete the Agent upgrade:
- Note: The communication issue preventing Agent Upgrades will also prevent future required file transfers.
- It is strongly encouraged to resolve the underlying Protocol/Cipher Suite mismatch to prevent situations like Approvals out of Date.
Related Content