Access official resources from Carbon Black experts
Cb Response 5.x.
Cb Response hasn't been configured correctly.
Connector getting error on launch or in wildfire.log:
SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:590).
Check that error log and connector configuration
Check that /etc/yum.repos.d/CbOpenSource.repo exists with correct content
If it does not, enter the following command:
curl -O https://opensource.carbonblack.com/release/x86_64/CbOpenSource.repo
Leave this line commented out:
Replace <https://my.local.wildfire.appliance> with correct url:
Make sure API Token matches with “carbonblack_server_token” setting in connector.conf file
sudo psql cb -p 5002 -c "select id,username,firstname,lastname,global_admin,auth_token from cb_user;"
If you are still receiving the error, check if there is a local proxy or firewall that is blocking the traffic.
See if a Proxy is configured for the Alliance server under /etc/cb/cb.conf
We can check for a local proxy with:
cat /etc/environment printenv |grep -i proxy env |grep -i proxy
printenv |grep -i proxy
env |grep -i proxy
Check network traffic to see if a firewall blocking access to wildfire.
Note: After making any changes to the wildfire connector configuration, it can be restarted with:
service /etc/init.d/cb-wildfire-connector stopservice /etc/init.d/cb-wildfire-connector start
service /etc/init.d/cb-wildfire-connector stop
service /etc/init.d/cb-wildfire-connector start