Environment
- App Control Agent: All Supported Versions
- Microsoft Windows: All Supported Versions
Symptoms
- Agent shows as Disconnected in the Console.
- Disconnected Agent Logs show "Server Communication: WinHTTPCommunication Error: 12175” in Trace.bt9 file.
Cause
There are a few different reasons why Windows would return WinHTTPCommunication Error 12175, including:
- App Control Server Certificate has expired.
- App Control Server Certificate is Self-signed and Certificate Verification has been enabled.
- App Control Server Certificate has incorrect Common Name/Subject Alternative Name
- Mismatch of the TLS/Cipher Suite between the endpoint and the application server hosting the App Control Server.
- Some other networking related issue.
Resolution
- Confirm if Server Certificate has expired, and replace if necessary.
- Confirm if Certificate Verification is enabled:
- Confirm SSL Certificate Configuration:
- TLS/Cipher Suite Mismatch:
- Other:
Additional Notes
- If using a certificate issued by a Certificate Authority: Confirm the Agents have the Root or Intermediate Certificate in Local Computer > Trusted Root Certification Authorities > Certificates.
- For Windows 2012 machines, the Agent will not connect to the Console if the 'P521 curve ciphers' are not enabled on the App Control Server. Otherwise, the 'P521 curve ciphers' need to be disabled on Windows 2012 machines
- The correct TLS Protocols and Cipher Suites may not be enabled, see related content.
Related Content