App Control: How To Restore Back The Communication Key After It Was Recently Updated (keychain.json)

Environment

App Control Server: 8.7+

Objective

The agent-to-server communication key (keychain.json) auto-updates periodically due to a scheduled task, which may cause multiple agents to become Out-of-Date or disconnected in the console.
These steps can be used to reset the communication key file (keychain.json) back to the previous version if the agents aren't able to pull the newest one from the server.

Resolution

  1. Connect to one of the Out-of-Date or disconnected agent systems, open CMD, and run:
    cd "C:\Program Files (x86)\Bit9\Parity Agent" 
    dascli status
  2. Take note of the Communication Key value (for example):
    Communication Key: 6601155A-C399-4B15-A8DF-1234567890
  3. Log in to the App Control Server system
    • If there is an agent on the system, please disable Tamper Protection
  4. Open Services (services.msc) and stop the CB App Control Server service
  5. Move out or delete the existing "keychain.json" file here:
    \Program Files (x86)\Bit9\Parity Server\hostpkg\keychain.json
  6. Open SQL Management Studio with an account that has permissions to make changes to the DAS database (e.g. the CB service account)
  7. Execute the following queries:
    use das; update dbo.communication_keys set key_state = 0 where key_state = 1
    
    use das; update dbo.communication_keys set key_state = 1 where key_id like '6601155A-C399-4B15-A8DF-1234567890' -- example value; replace it with the one from Step 1
  8. Start the App Control Server service
  9. Verify that a new "keychain.json" file has been generated:
    • check here: "\Program Files (x86)\Bit9\Parity Server\hostpkg\"
    • open the "keychain.json" file in Notepad and check that the "keyRevision" value matches the value from the SQL query
  10. Disable the auto-generation of a new communication key file (keychain.json) again; please follow the steps in this KB
  11. Verify that the agents are connected and Up-to-Date in the console
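
The server-side part of the procedure (steps 4, 5, 8 and 9) as a PowerShell script. This is an added example, not code from the vendor or the original article. It assumes the `C:` drive, a service display name matching `*App Control Server*`, a hypothetical backup folder `C:\keychain-backup`, a 300-second wait, and that Tamper Protection is already disabled as in step 3.

```powershell
# Added example, run elevated on the App Control Server. Covers steps 4, 5, 8 and 9.
param(
    [string]$HostPkg        = 'C:\Program Files (x86)\Bit9\Parity Server\hostpkg', # drive letter assumed
    [string]$ServicePattern = '*App Control Server*',    # assumed display-name pattern
    [string]$BackupDir      = 'C:\keychain-backup',      # hypothetical location outside hostpkg
    [int]$TimeoutSeconds    = 300                        # assumed wait for regeneration
)
$ErrorActionPreference = 'Stop'
$keychain = Join-Path $HostPkg 'keychain.json'

# Refuse to continue unless exactly one service matches.
$svc = @(Get-Service -DisplayName $ServicePattern)
if ($svc.Count -ne 1) { throw "Expected 1 service matching '$ServicePattern', found $($svc.Count)" }

# Step 4: stop the server service (Stop-Service waits for the Stopped state).
Stop-Service -InputObject $svc[0]

# Step 5: move the current file out, keeping a timestamped copy instead of deleting it.
if (Test-Path -LiteralPath $keychain) {
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $backup = Join-Path $BackupDir ('keychain.{0:yyyyMMdd-HHmmss}.json' -f (Get-Date))
    Move-Item -LiteralPath $keychain -Destination $backup
    Write-Host "Previous keychain.json moved to $backup"
}

# Steps 6-7 are done by hand in SQL Management Studio while the service is stopped.
Read-Host 'Run the two Step 7 queries against the das database, then press Enter' | Out-Null

# Step 8: start the service again.
Start-Service -InputObject $svc[0]

# Step 9: wait for the regenerated file, then report every keyRevision value in it.
$deadline = (Get-Date).AddSeconds($TimeoutSeconds)
while (-not (Test-Path -LiteralPath $keychain)) {
    if ((Get-Date) -gt $deadline) { throw "keychain.json not regenerated after $TimeoutSeconds s" }
    Start-Sleep -Seconds 5
}
$raw  = Get-Content -LiteralPath $keychain -Raw
# Text match rather than ConvertFrom-Json, so no assumption is made about the file's layout.
$revs = @([regex]::Matches($raw, '"keyRevision"\s*:\s*"?([^",}\s]+)') |
          ForEach-Object { $_.Groups[1].Value })
if ($revs.Count -eq 0) { throw 'No keyRevision field found in keychain.json' }
Write-Host "keyRevision in regenerated file: $($revs -join ', ')"
```

Compare the printed keyRevision with the value used in the Step 7 query before continuing with step 10.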

Additional Notes

To manually manage the agent-to-server communication key (keychain.json), go to the console > System Configuration page > Security tab, scroll to the bottom to the Communication Key section, and use the "Regenerate" button.

Article Information
Creation Date: 07-12-2022