Knowledge Base

Yes

Environment

EDR Windows Sensor: All Supported Versions
EDR Server: All versions
Windows OS: All Supported Versions

Symptoms

Sensor diagnostics file "sensorcomms.log" shows these errors:

Time | URL | HRESULT | Code | DurationMs | TxBytes | RxBytes | Throttle KB/s | Upload Speed KB/s
-------------------- + ---------------------------------------------------------------------------------------------------- + ---------- + ----- + ---------- + -------- + -------- + -------------------- + --------------------
2019-12-26 13:10:37 | https://cb.server.name.here:443/sensor/register/29530 | 0x80072f9a | 12186 | 0 | 0 | 0 | 500 | 0
2019-12-26 13:10:37 | https://cb.server.name.here:443/sensor/register/29530 | 0x80072f9a | 12186 | 0 | 0 | 0 | 500 | 0
2019-12-26 13:10:37 | https://cb.server.name.here:443/sensor/register/29530 | 0x80072f9a | 12186 | 0 | 0 | 0 | 500 | 0

Running the Windows certutil shows the following error:

c:\windows\system32 certutil -store carbonblack 

missing stored keyset

Cause

During the install or upgrade of the sensor, the certificate keys were not installed properly.

Resolution

Manually uninstall the corrupt sensor- EDR: How to uninstall a corrupt sensor
Reinstall the sensor on the Windows Endpoint.

Knowledge Base

EDR: Windows Sensors are Not Communicating to the Server After Installation or Upgrade (Certificate Issue).

EDR: Windows Sensors are Not Communicating to the Server After Installation or Upgrade (Certificate Issue).

Environment

Symptoms

Cause

Resolution

Related Content

EDR

Knowledge Base

EDR: Windows Sensors are Not Communicating to the Server After Installation or Upgrade (Certificate Issue).

EDR: Windows Sensors are Not Communicating to the Server After Installation or Upgrade (Certificate Issue).

Environment

Symptoms

Cause

Resolution

Related Content

EDR

Thank you for your feedback.

Thank you for your feedback.