logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Carbon Black Cloud: cURL error 35 SEC_E_INVALID_TOKEN 0x80090308

Carbon Black Cloud: cURL error 35 SEC_E_INVALID_TOKEN 0x80090308

Environment

  • Carbon Black Cloud Console: All supported versions
  • Carbon Black Cloud Sensor: All supported versions
  • Microsoft Windows: All supported versions

Symptoms

cURL is returning the following error:

curl: (35) schannel: next InitializeSecurityContext failed: SEC_E_INVALID_TOKEN (0x80090308) - The token supplied to the function is invalid

 


Cause

Not all the Digital Signature Algorithm (DSA) required to talk with to our backend are present.


Resolution

For TLS 1.3, we need at least one RSAE DSA:

RSAE-PSS/SHA256
RSAE-PSS/SHA384
RSAE-PSS/SHA512


For TLS 1.2, we need at least one RSA or RSAE DSA:

RSAE-PSS/SHA256
RSAE-PSS/SHA384
RSAE-PSS/SHA512
RSA/SHA256
RSA/SHA384
RSA/SHA1
RSA/SHA512

Consider comparing this registry on a working sensor with one that is not: 
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010003\Functions

WARNING: Backup the registry before making any changes

Additional Notes

If you change the registry mentioned here, a reboot will be needed in order for it to take effect.

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎04-17-2024
Views:
63
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.