Access official resources from Carbon Black experts
All sensors are failing to contact the server. In the sensor log, you see 0x80c8005a errors
C:\Windows\CarbonBlack\cb.exe -e 0x80c8005a
0x80C8005A: Facility[CURL] Code[005A] Severity[1] SSL public key does not match pinned public key
The certificate has not been properly configured on the server or the sensors do not have the most recent certificate.
It is important to understand that custom certificates for the back end are not supported. If you have a custom cert, we recommend setting up a multihome configuration so the UI can use the custom certificate while the back end continues to use the auto-generated cert.
When a new cert is applied, all sensors will need to be updated to use the new cert. This means that the sensor will need to be re-installed on each endpoint with the latest installer package or the cert must be applied via a modification to the registry.
If this is a new configuration, you will need to edit the following lines in /etc/cb/cb.conf to point to the new certificate
# SSL certificate and private key files to be used for HTTPS communications
# from the sensor to the enterprise server.
SSLCertFile=/etc/cb/certs/cb-server.crt
SSLKeyFile=/etc/cb/certs/cb-server.key
Why are self signed certificate used for sensor communication?
Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.