Cb Protection: Check Point File Analysis Returning "Could Not Establish Trust Relationship for the SSL/TLS Secure Channel"

Cb Protection: Check Point File Analysis Returning "Could Not Establish Trust Relationship for the SSL/TLS Secure Channel"

Environment

  • Cb Protection Server: 8.0.x and Greater
  • Microsoft Windows Server: All Supported Versions
  • Check Point: All Supported Versions

Symptoms

After attempting to analyze files the error "The underlying connection was closed. Could not establish trust relationship for the SSL/TLS secure channel" is displayed in the Error column on the Analyzed Files page.

Cause

After the inital 8.0.x release SSL/TLS certificate checks on file uploads are honored. Thus, certificates that are not trusted can cause the connector to fail. 

Resolution

  1. Navigate in a browser to https://YOURSERVER/Support.php
  2. Enable Server Diagnostics, with the Server and Reporter logging to High. Script and SQL collection not required.
  3. Once enabled, test the connection under the System Configuration (GEAR Icon) > Administration > Connectors page.
  4. Analyze a file.
  5. Log into the Cb Protection application server as the service account user.
  6. Confirm that the latest file analysis has failed.
  7. Navigate on the server to C:\Program Files (x86)\Bit9\Parity Server\Reporter and open the most recent ReporterLog.bt9 file. Scroll to the bottom and copy the full URL it's requesting.
  8. On the server, open the URL in Internet Explorer. You will likely see a certificate related error.
  9. Import your Check Point certificate into the computers Trusted Root Certification Authority using the MMC snap-in. Please note the Subject name of the certificate.
  10. Verify that you can ping the Subject name of the certificate.  If no routing is enabled, you can add it to your DNS or modify the server Host file to include the route.
  11. Navigate back to the System Configuration (GEAR Icon) > Administration > Connectors page, and make sure the Checkpoint File analysis IP matches the name found in your Check Point certificate.
  12. Restart the Cb Protection Reporter service. 

Additional Notes


Related Content


Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎06-30-2017
Views:
488
Contributors