Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: How To Restore Back The Communication Key After It Was Recently Updated (keychain.json)

App Control: How To Restore Back The Communication Key After It Was Recently Updated (keychain.json)


App Control Server: 8.7+


The agent-to-server communication key (keychain.json) auto-updates periodically due to scheduled task which may cause multiple agents to become Out-of-Date or disconnected in the console.
These steps can be used to reset the communication key file (keychain.json) back to the previous version if the agents aren't able to pull the newest one from the server.


  1. Connect to one of the Out-of-Date or disconnected agent systems and open CMD and run:
    cd "C:\Program Files (x86)\Bit9\Parity Agent" 
    dascli status
  2. Take note of the Communication Key value (for example):
    Communication Key: 6601155A-C399-4B15-A8DF-1234567890
  3. Login to the App Control Server System
    • If there is an agent on the system please disable Tamper Protection
  4. Open Services (services.msc) and Stop the CB App Control Server service
  5. Move Out or Delete the existing "keychain.json" file here:
    \Program Files (x86)\Bit9\Parity Server\hostpkg\keychain.json
  6. Open SQL Mgmt Studio with account that has permissions to make change to the DAS database (e.g. CB service account)
  7. Execute the following queries:
    use das; update dbo.communication_keys set key_state = 0 where key_state = 1
    use das; update dbo.communication_keys set key_state = 1 where key_id like '6601155A-C399-4B15-A8DF-1234567890' --this is an example value, pls replace it with the one from Step 1
  8. Start the App Control Server service
  9. Verify that a new "keychain.json" file has been generated:
    • check here: "\Program Files (x86)\Bit9\Parity Server\hostpkg\"
    • open the "keychain.json" file in Notepad and check that the "keyRevision" value matches the value from the Sql query
  10. Disable the auto-generation of a new communication key file (keychain.json) again, please follow the steps in this KB
  11. Verify that the agents are connected and Up-to-Date in the console

Additional Notes

To manually manage the agents-to-server communication key (keychain.json) in the console > System Configuration page > Security tab > Scroll to the bottom > Communication Key > "Regenerate" button

Related Content

Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Creation Date: