logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: Sensor fails to install due to removed Root Certificate Authority

Carbon Black Cloud: Sensor fails to install due to removed Root Certificate Authority

Environment

  • Carbon Black Cloud Sensor: All Versions
  • Microsoft Windows: All Supported Versions

Symptoms

  • Sensor fails to install on endpoint
  • Unattended install being performed outside C:\Temp
  • Correct traffic/communications are allowed through any Proxy/Firewall in place
  • No SSL inspection being performed by Proy/Firewall
  • CRL checking disabled at install (CURL_CRL_CHECK=0)
  • Installer/MSI log shows errors registering 
    CA:InstallPreCheck: Register failed. Please make sure your network is connected and provide a correct register code.
CA:InstallPreCheck: Error 0x80004005: Failed to register.
CDeviceRegistration::Register: We couldn't connect to the cloud due to an untrusted connection. The certificate chain was issued by an authority that is not trusted.
  • confer-temp.log file shows certificate error 
    http: schannel: next InitializeSecurityContext failed: SEC_E_UNTRUSTED_ROOT (0x80090325) - The certificate chain was issued by an authority that is not trusted.
  • Go Daddy signing certificates removed from local machine certificate store
  • Error code popup during install 
    We couldn't connect to the cloud due to an untrusted connection. The certificate chain was issued by an authority that is not trusted.

Cause

  • "Turn off Automatic Root Certificates Update" GPO is set to Enabled

Resolution

  1. Press ⊞Win + R
  2. Type certlm.msc and hit Enter
  3. Go to 'Trusted Root Certification Authorities' > 'Certificates'
  4. Click into the 'Issued To' column and begin typing 'Go Daddy'
  5. There should be two Go Daddy Certs (Go Daddy Class 2 Certification Authority and Go Daddy Root Certificate Authority – G2)
  6. If Go Daddy certs are not in local machine cert store, re-add prior to attempted install 
    Main link: Repository

Certs to install locally:
GoDaddy Certification Authority Root Certificate - G2
gdroot-g2.crt
SHA256: 45140B3247EB9CC8C5B4F0D7B53091F73292089E6E5A63E2749DD3ACA9198EDA
Download link: https://ssl-ccp.godaddy.com/repository/gdroot-g2.crt

GoDaddy Class 2 Certification Authority Root Certificate
gd-class2-root.crt (PEM) https://ssl-ccp.godaddy.com/repository/gdig2.crt.pem
gd-class2-root.cer (DER) https://ssl-ccp.godaddy.com/repository/gdig2.crt
SHA256: C3846BF24B9E93CA64274C0EC67C1ECC5E024FFCACD2D74019350E81FE546AE4

Additional Notes

If the problem remains, please open a case with VMware Carbon Black Support.

Was this article helpful? Yes No
0% helpful (0/1)
Article Information
Author:
CB_Support
Creation Date:
‎08-31-2020
Views:
23388
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.