Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Health Check: parity.exe is signed by could not check revocation

Health Check: parity.exe is signed by could not check revocation

Version

7.x, 8.x

Issue

Bit9 Console is showing Health Check errors similar to "parity.exe is signed by could not check revocation: Error[800B010E]".

Symptoms

Systems are reporting Health Check events with the following text:

Parity Agent detected a problem: C:\program files\bit9\parity agent\parity.exe is signed but could not check revocation: Error[800B010E]. Severity[Low]

Cause

The system is not connected to the Internet and has not received the most recent set of certificate revocation lists (CRL). In an online environment, Windows is able to reach out to the Internet and verify the CRLs. In the offline environment, Windows relies on the local cache of CRLs.

On a system with Internet connection, the Crypto API may be unable to reach out online to check for CRL due to either firewall or proxy restriction.

Solution

On systems that are not connected to the Internet and have no means of checking certificate revocation lists, these messages can be ignored. Please contact Bit9 Support for additional information if needed.

For those with firewall like SonicWall, please enable this setting:

In the appliances "Firewall" settings and under "App Control Advanced" change setting to "Enable" for the following rule:

Microsoft CryptoAPI

Rule ID Number 2515 (in Misc-apps group)

Related Solutions

Certificate verification is not functioning as expected

How to collect CAPI2 or CAPIMON logs for troubleshooting certificate validation and revocation healt...

Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-06-2014
Views:
2990
Contributors